none
FormLogin.xml - Error "more than one form" RRS feed

  • Question

  • Hi all,

    I'm trying to create a custom formlogin.xml to enable SSO backend web application but i get this error message stating "more than one form" when accessing the application from the UAG portal.
    I assume it has to do with the form name setting in formlogin.xml since i see more than one form setting in the source code.
    I've read the following blogs when configuring formlogin.xml:

    http://blogs.technet.com/b/ben/archive/2010/09/02/uag-custom-form-login.aspx
    http://blogs.technet.com/b/ben/archive/2010/01/23/custom-form-login-sso-how-to.aspx
    http://blogs.technet.com/b/fesnouf/archive/2010/03/18/understanding-and-extending-uag-web-sso-capabilities.aspx

    among others and just about all the threads i can find on this forum about custom formlogin.xml.
    I just hope i didn't miss this one and is wasting anyones time.
    the source code for the login page looks like this:

    <td>Username:</td>
    <td>
    <form class="my_form" id="details1" name="details1" onsubmit="return(doSubmit1())" action="">
    <div>
    <input type="text" class="txt" name="usr" id="usr" style="border: 1px solid rgb(0, 0, 0);" />
    </div>
    </form>
    </td>
    </tr>
    <tr class="fixed-height">
    <td></td>
    <td>Password:</td>
    <td>
    <form class="my_form" id="details2" name="details2" onsubmit="return(doSubmit2())" action="">
    <div>
    <input type="password" class="txt" name="psw" id="psw" />
    </div>
    </form>
    

    and my formlogin.xml looks like this:

    <APPLICATION>
    	<APPLICATION_TYPE>Web</APPLICATION_TYPE>
    	<USAGE description="form_login">
    	<PRIMARY_HOST_URL>.*default\.asp</PRIMARY_HOST_URL>
    	<SCRIPT_NAME source="data_definition">FormLoginSubmitStandard</SCRIPT_NAME>
    	<USER_AGENT>
    		<AGENT_TYPE search="group">all_supported</AGENT_TYPE>
    		<POLICY>multiplatform</POLICY>
    		<SCRIPT_NAME source="data_definition">FormLoginHandler</SCRIPT_NAME>
    	</USER_AGENT>
    	<MULTIPLE_LOGIN>false</MULTIPLE_LOGIN>
    	<LOGIN_FORM>
    		<NAME>details1</NAME>
    		<METHOD>POST</METHOD>
    		<CONTROL handling="dummy_value">
    			<TYPE>text</TYPE>
    			<NAME>usr</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    		<CONTROL handling="dummy_value">
    			<TYPE>password</TYPE>
    			<NAME>psw</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    	</LOGIN_FORM>
    	</USAGE>
    </APPLICATION>
    

    I understand thatI must define the name of the form in which I want to input credentials, and in that have to problems.
    1. Though I've stated the form name it doesn't seem to find it.
    2. The input for username and password are in different forms. How do i configure that in formlogin.xml?
    Does anyone have a suggestion on how to get this working? Any help would be greatly appreciated!
    Thanks for reading.


    Best Regards
    Joakim

    Tuesday, September 27, 2011 11:48 PM

Answers

  • You are nearly there! It looks as if the page you are trying to form fill has more than one form, hence the error. What you'll need to do is create your own script which refers to the form on the page either directly or by the order of the form in the form object array. What I have done in these situation is to first add a new logon script in the file von\Conf\FormloginDataDefinitions such as:

                    <SCRIPT name="FormLoginNewScript">
                <!-- Possible value javascript or vbscript, if javascript tag could be omitted-->
                <LANGUAGE>javascript</LANGUAGE>
                <!-- Possible value cdata or base64, if javascript tag could be omitted-->
                <BODY encoding="cdata">
                    <![CDATA[
                        function FormLoginSubmit()

                        {  
                                               document.loginForm.submit.click();
                                               return false;
                        }
                    ]]>
                </BODY>
            </SCRIPT>

    In the formlogin.xml script change the line

    	<SCRIPT_NAME source="data_definition">FormLoginSubmitStandard</SCRIPT_NAME

    to

    	<SCRIPT_NAME source="data_definition">FormLoginNewScript</SCRIPT_NAME

    where you reference the name of the new script you created. Check that you can open each of these pages in a browser window so you know there aren't any xml errors.  Activate the configuration and hopefully it should then work.

    Hope this helps,

    Peter


    • Edited by SwanseaPete Wednesday, September 28, 2011 2:29 PM
    • Marked as answer by Joakim Hogstrom Thursday, September 29, 2011 6:33 PM
    Wednesday, September 28, 2011 2:28 PM
  • Hi, You will be able to see if the SSO engine in UAG has picked up your configuration as you will see the values being inserted into the relevant text boxes. I think in the XML you have just posted that:

    <CONTROL handling="dummy_value">
    			<TYPE>text</TYPE>
    			<NAME>usr</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>

    Should read something like this with the <TYPE> being USER_NAME rather than 'text'. 

    <CONTROL handling="real_value">
                    <TYPE>USER_NAME</TYPE>
                    <NAME>usr</NAME>
                    <DEF_VALUE>siteusr</DEF_VALUE>
     </CONTROL>

     

    I would for testing purposes put "real_value" in the xml so you can see what is being inserted into the form is the value you expect. Make sure the name of the form is correct in the <LOGIN_FORM> <NAME></NAME> and also for the user name password and submit fields (which I am not sure if you'll need or not but I always include it)

    Hope this helps.

    Peter

     

    Thursday, September 29, 2011 9:59 AM
  • Peter, those where the last pieces of the puzzle! Thank you so much :)

    The reason to why I had set <TYPE> to text was that I thought it had to match the type-setting in the input element i was targeting. In my case:

    <input type="text" class="txt" name="usr" id="usr" style="border: 1px solid rgb(0, 0, 0);" />
    

    Obviously I was wrong! Setting the <TYPE> value to "USER_NAME" vill inject the username and setting it to "PASSWORD" will inject the password.

    This Thread started because of the "more than one form" error and we've discussed how to configure formlogin.xml to inject username and password to different forms. Actually I didn't have to do that at all! It seems that UAG finds those input-fields anyway, at least in my case. So I ended up not defining any forms for username and password injection in formlogin.xml. The final result of my formlogin.xml looks like this:

    <APPLICATION>
    	<APPLICATION_TYPE>Web</APPLICATION_TYPE>
    	<USAGE description="form_login">
    	<PRIMARY_HOST_URL>.*default\.asp</PRIMARY_HOST_URL>
    	<SCRIPT_NAME source="data_definition">FormLoginSubmitStandard</SCRIPT_NAME>
    	<USER_AGENT>
    		<AGENT_TYPE search="group">all_supported</AGENT_TYPE>
    		<POLICY>multiplatform</POLICY>
    		<SCRIPT_NAME source="data_definition">FormLoginHandler</SCRIPT_NAME>
    	</USER_AGENT>
    	<MULTIPLE_LOGIN>true</MULTIPLE_LOGIN>
    	<LOGIN_FORM>
    		<NAME></NAME>
    		<METHOD>POST</METHOD>
    		<CONTROL handling="dummy_value">
    			<TYPE>USER_NAME</TYPE>
    			<NAME>usr</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    		<CONTROL handling="dummy_value">
    			<TYPE>USER_NAME</TYPE>
    			<NAME>psw</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    	</LOGIN_FORM>
    	</USAGE>
    </APPLICATION>
    


    I'm using <TYPE> "USER_NAME" for both username and password injection because the backend application uses the username for both values.

    Even though the injection part doesn't seem to care about forms the submit part of SSO certainly does! That's were Peter script comes to the rescue since the standard script "FormLoginSubmitStandard" found in von\Conf\FormloginDataDefinitions can't handle mutiple forms and is therefor giving you the "more than one form" error. Modifying Peter's script to my needs and giving it a name ended up like this:

             <SCRIPT name="FormLoginSubmitTrio">
                 <!-- Possible value javascript or vbscript, if javascript tag could be omitted-->
                 <LANGUAGE>javascript</LANGUAGE> 
                <!-- Possible value cdata or base64, if javascript tag could be omitted-->
                 <BODY encoding="cdata">
                     <![CDATA[
                         function FormLoginSubmit()
     
                        {   
                                               document.details.submit();
                                                return false; 
                        }
                     ]]>
                 </BODY>
             </SCRIPT>
    

    See Peter's previous post about this script for more details and instructions.

    Thank you both for your support and a special thanks to you Peter! :)

    I hope anyone facing a situation like this will find this thread useful.

     

    /Joakim 

    Thursday, September 29, 2011 6:32 PM

All replies

  • Hi Amig@. The alert comes from the Autosubmit script:

    function WhaleSubmit()
    
    {
    
     formsCol = document.forms;
    
     if (formsCol.length == 1)
    
     {
    
     document.forms[0].submit();
    
     }
    
     else
    
     {
    
     alert("more than one form");
    
     }
    
     return false;
    
    }
    
    

    I guess the autosubmit stops the execution when more than a form is found because it cannot submit more than a form at the same time. Not sure about this as I am not a developer. Anyway, if you want UAG to fill the two forms you will have to include the second one in the custom formlogin.xml

    Any developer out there?


    // Raúl - I love this game
    Wednesday, September 28, 2011 11:23 AM
  • You are nearly there! It looks as if the page you are trying to form fill has more than one form, hence the error. What you'll need to do is create your own script which refers to the form on the page either directly or by the order of the form in the form object array. What I have done in these situation is to first add a new logon script in the file von\Conf\FormloginDataDefinitions such as:

                    <SCRIPT name="FormLoginNewScript">
                <!-- Possible value javascript or vbscript, if javascript tag could be omitted-->
                <LANGUAGE>javascript</LANGUAGE>
                <!-- Possible value cdata or base64, if javascript tag could be omitted-->
                <BODY encoding="cdata">
                    <![CDATA[
                        function FormLoginSubmit()

                        {  
                                               document.loginForm.submit.click();
                                               return false;
                        }
                    ]]>
                </BODY>
            </SCRIPT>

    In the formlogin.xml script change the line

    	<SCRIPT_NAME source="data_definition">FormLoginSubmitStandard</SCRIPT_NAME

    to

    	<SCRIPT_NAME source="data_definition">FormLoginNewScript</SCRIPT_NAME

    where you reference the name of the new script you created. Check that you can open each of these pages in a browser window so you know there aren't any xml errors.  Activate the configuration and hopefully it should then work.

    Hope this helps,

    Peter


    • Edited by SwanseaPete Wednesday, September 28, 2011 2:29 PM
    • Marked as answer by Joakim Hogstrom Thursday, September 29, 2011 6:33 PM
    Wednesday, September 28, 2011 2:28 PM
  • Hi,

    Thanks a lot for your replies!

    I've been trying to figure this out for a couple of hours now but i still can't get it to work. So I'd like to rewind a bit and hopefully you guys can spot my mistake(s). When I posted this question i already had an error message so i know that UAG accepts my configuration. it does recognize the login page or otherwise it wouldn't be trying to run the scripts which give me the error message. But that is the submit part of SSO. How can i verify that the username and password are actually inserted to the page?

    I'm using fiddler2 on the client and i can see code injected by UAG but i can't find anytning about user/pass.

    @Raul - You mentioned that i have to include the second form in formlogin.xml to get it working. Would that be like this?

     

    <APPLICATION>
    	<APPLICATION_TYPE>Web</APPLICATION_TYPE>
    	<USAGE description="form_login">
    	<PRIMARY_HOST_URL>.*default\.asp</PRIMARY_HOST_URL>
    	<SCRIPT_NAME source="data_definition">FormLoginSubmitStandard</SCRIPT_NAME>
    	<USER_AGENT>
    		<AGENT_TYPE search="group">all_supported</AGENT_TYPE>
    		<POLICY>multiplatform</POLICY>
    		<SCRIPT_NAME source="data_definition">FormLoginHandler</SCRIPT_NAME>
    	</USER_AGENT>
    	<MULTIPLE_LOGIN>false</MULTIPLE_LOGIN>
    	<LOGIN_FORM>
    		<NAME>details1</NAME>
    		<METHOD>POST</METHOD>
    		<CONTROL handling="dummy_value">
    			<TYPE>text</TYPE>
    			<NAME>usr</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    		<NAME>details2</NAME>
    		<CONTROL handling="dummy_value">
    			<TYPE>password</TYPE>
    			<NAME>psw</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    	</LOGIN_FORM>
    	</USAGE>
    </APPLICATION>
    

    I added NAME>details2</NAME for the password part.

     

     

    @Peter - Many thanks for this great tip! I'm not sure i got it right though....

    I'll try some more as soon as I have verified that username and password are injected correctly.

    Thanks.

     

    /Joakim

    Wednesday, September 28, 2011 11:51 PM
  • Hi, You will be able to see if the SSO engine in UAG has picked up your configuration as you will see the values being inserted into the relevant text boxes. I think in the XML you have just posted that:

    <CONTROL handling="dummy_value">
    			<TYPE>text</TYPE>
    			<NAME>usr</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>

    Should read something like this with the <TYPE> being USER_NAME rather than 'text'. 

    <CONTROL handling="real_value">
                    <TYPE>USER_NAME</TYPE>
                    <NAME>usr</NAME>
                    <DEF_VALUE>siteusr</DEF_VALUE>
     </CONTROL>

     

    I would for testing purposes put "real_value" in the xml so you can see what is being inserted into the form is the value you expect. Make sure the name of the form is correct in the <LOGIN_FORM> <NAME></NAME> and also for the user name password and submit fields (which I am not sure if you'll need or not but I always include it)

    Hope this helps.

    Peter

     

    Thursday, September 29, 2011 9:59 AM
  • Peter, those where the last pieces of the puzzle! Thank you so much :)

    The reason to why I had set <TYPE> to text was that I thought it had to match the type-setting in the input element i was targeting. In my case:

    <input type="text" class="txt" name="usr" id="usr" style="border: 1px solid rgb(0, 0, 0);" />
    

    Obviously I was wrong! Setting the <TYPE> value to "USER_NAME" vill inject the username and setting it to "PASSWORD" will inject the password.

    This Thread started because of the "more than one form" error and we've discussed how to configure formlogin.xml to inject username and password to different forms. Actually I didn't have to do that at all! It seems that UAG finds those input-fields anyway, at least in my case. So I ended up not defining any forms for username and password injection in formlogin.xml. The final result of my formlogin.xml looks like this:

    <APPLICATION>
    	<APPLICATION_TYPE>Web</APPLICATION_TYPE>
    	<USAGE description="form_login">
    	<PRIMARY_HOST_URL>.*default\.asp</PRIMARY_HOST_URL>
    	<SCRIPT_NAME source="data_definition">FormLoginSubmitStandard</SCRIPT_NAME>
    	<USER_AGENT>
    		<AGENT_TYPE search="group">all_supported</AGENT_TYPE>
    		<POLICY>multiplatform</POLICY>
    		<SCRIPT_NAME source="data_definition">FormLoginHandler</SCRIPT_NAME>
    	</USER_AGENT>
    	<MULTIPLE_LOGIN>true</MULTIPLE_LOGIN>
    	<LOGIN_FORM>
    		<NAME></NAME>
    		<METHOD>POST</METHOD>
    		<CONTROL handling="dummy_value">
    			<TYPE>USER_NAME</TYPE>
    			<NAME>usr</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    		<CONTROL handling="dummy_value">
    			<TYPE>USER_NAME</TYPE>
    			<NAME>psw</NAME>
    			<DEF_VALUE>siteuser</DEF_VALUE>
    		</CONTROL>
    	</LOGIN_FORM>
    	</USAGE>
    </APPLICATION>
    


    I'm using <TYPE> "USER_NAME" for both username and password injection because the backend application uses the username for both values.

    Even though the injection part doesn't seem to care about forms the submit part of SSO certainly does! That's were Peter script comes to the rescue since the standard script "FormLoginSubmitStandard" found in von\Conf\FormloginDataDefinitions can't handle mutiple forms and is therefor giving you the "more than one form" error. Modifying Peter's script to my needs and giving it a name ended up like this:

             <SCRIPT name="FormLoginSubmitTrio">
                 <!-- Possible value javascript or vbscript, if javascript tag could be omitted-->
                 <LANGUAGE>javascript</LANGUAGE> 
                <!-- Possible value cdata or base64, if javascript tag could be omitted-->
                 <BODY encoding="cdata">
                     <![CDATA[
                         function FormLoginSubmit()
     
                        {   
                                               document.details.submit();
                                                return false; 
                        }
                     ]]>
                 </BODY>
             </SCRIPT>
    

    See Peter's previous post about this script for more details and instructions.

    Thank you both for your support and a special thanks to you Peter! :)

    I hope anyone facing a situation like this will find this thread useful.

     

    /Joakim 

    Thursday, September 29, 2011 6:32 PM
  • No problem, glad to have been of help!!

    Many thanks,

    Peter

    Wednesday, October 5, 2011 2:17 PM