locked
Password field not required with UAG portal authentication RRS feed

  • Question

  • Hi all,

    I've installed UAG and configured a Radius authentication server, which sends an OTP in a SMS to the user.

    Default the user has to fill in their username and password, in the next screen they can fill in their OTP.

    My question:

    Is it possible to disable and hide the password field in the logon form so users only have to fill in their username and in the next screen their OTP?

    Greetings,

    Maikel.

    Tuesday, June 7, 2011 12:19 PM

Answers

  • Hi Maikel,

    Yes, this happens since the UAG UserMgr.dll - the UAG component which gets the submitted credentials and communicates with the configured authentication server, in your case a RADIUS server - does not expect an empty password. Since you cannot change the behavior of this DLL, you will have to provide it with a fake password. I hope that your RADIUS server will be OK with the fact the it received a real use name and a fake password, when asked to issue the OTP for that user.

    There are several ways to "feed" this fake password into the UAG logon process, but since you are already using your own custom Login.asp, I think that the easiest would be to submit it from there, together with the user name, as a "hidden" form field.

    Regards,


    -Ran
    • Marked as answer by MvanWesteneng Wednesday, June 29, 2011 11:17 AM
    Thursday, June 9, 2011 1:40 PM

All replies

  • Hi Maikel,

     

    You would have to create your own customized version of a UAG login page, and configure UAG to use that page (Advanced Trunk Configuration -> Authentication tab -> Logon Scheme section -> User logon page. make sure to place your custom login page in the \von\InternalSite\CustomUpdate folder, and to configure UAG accordingly (ex: CustomUpdate/MyLogin.asp)

    Regards,


    -Ran
    Tuesday, June 7, 2011 1:43 PM
  • Hi Ran,

    Thanks for your reply. With these changes i can hide or remove the password field but i still get an error message in webmonitor that authentication is failed because of missing credentials.

    Is there a configuration file for the Radius Authentication server in which the password credential is required?

    Regards,

    Maikel.

    Wednesday, June 8, 2011 7:00 AM
  • Hi Maikel,

    Yes, this happens since the UAG UserMgr.dll - the UAG component which gets the submitted credentials and communicates with the configured authentication server, in your case a RADIUS server - does not expect an empty password. Since you cannot change the behavior of this DLL, you will have to provide it with a fake password. I hope that your RADIUS server will be OK with the fact the it received a real use name and a fake password, when asked to issue the OTP for that user.

    There are several ways to "feed" this fake password into the UAG logon process, but since you are already using your own custom Login.asp, I think that the easiest would be to submit it from there, together with the user name, as a "hidden" form field.

    Regards,


    -Ran
    • Marked as answer by MvanWesteneng Wednesday, June 29, 2011 11:17 AM
    Thursday, June 9, 2011 1:40 PM