locked
Move the UAG Toolbar changePassword link to an application RRS feed

  • Question

  • Hi All,

    I have a website that we are publishing with UAG. I want to disable the UAG portal but give users accessing my website through UAG the oppertunity to change their (AD) passwords. I've moved the "Change Password" link which is available in the UAG toolbar under the "Credentials Management" to my website. When i test this i get a logon error: "The logon process cannot be completed. The page was accessed from an unauthorized URL."

    Tested with the following steps:
    Logon UAG -> Start my application from the UAG portal -> Click the changePassword link on my application -> logon error.

    When i first access the changePassword link on the UAG toolbar it works fine!? Steps taken:
    Logon UAG -> Click the changePassword link on the UAG toolbar -> OK -> Start my application from the UAG portal -> Click the changePassword link on my application -> OK

    Why do i first need to start the changePassword from the UAG toolbar to get this scenario working??
    Why do i get a logon error when i start the changePassword from my application?
    Can this scenario work?

    Any help would be much appreciated. Please do let me know if you need more details.

    Regards,

    Maikel.

    Wednesday, February 1, 2012 9:57 AM

All replies

  • Hi Maikel,

    Have a read of this: http://blogs.technet.com/b/ben/archive/2010/03/15/troubleshooting-ruleset-issues.aspx

    By moving the link, you may need to amend the default rule set rules...

    Cheers

    JJ

     


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Thursday, February 2, 2012 12:40 PM
  • Hi JJ,

    Adding or changing rules didn't help, btw a rule for "/internalsite/loginchangepassword\.asp" is by default created when you create a trunk.

    Also i'm not moving a link i'm just calling the same link from my application instead of from the toolbar. The link that i'm calling is: https://mydomain/InternalSite/LoginChangePassword.asp?login_type=13&site_name=ns&secure=1&index=0, which is a copy from the toolbar change password link.

    The error that i get:

    Logon error
    The logon process cannot be completed. The page was accessed from an unauthorized URL.

    It looks like the toolbar must be visible and activated (?) before a call that link from my application!? The strange thing is that the error url is also from InternalSite  (/InternalSite/InternalError.asp?error_code=116) and this one is working....

    Regards,

    Maikel.

    Wednesday, February 22, 2012 3:19 PM
  • Can you check if you get a corresponding error in Web Monitor Events and see if this provides any more info...

    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

    Wednesday, February 22, 2012 4:10 PM
  • No errors in the Web Monitor Events. I've enabled tracing and see the following:

    Info:returned TRUE: cWhlServer(localhost:0), cRealServer(localhost:6001)

    Info:End. CheckUrlAginstRuleset(): Rule[InternalSite_Rule8] [Internal Site] [GET] </internalsite/loginchangepassword.asp> Result[CheckResultSuccess]

    Info:Did not find Auth Conversation State.

    Info:Request sent from filter to web server

    Info:[GET /InternalSite/LoginChangePassword.asp?login_type=13&site_name=ns&secure=1&index=0 HTTP/1.1

    After this there is my error "InternalError.asp?error_code=116" message.

    So resolving to localhost:6001 is ok, RuleSet is ok.

    Any ideas?

    Friday, February 24, 2012 12:13 PM