Login
    Contenu x
    Display the Logon Failure Reason
    • 18 Nov 2024
    • 5 Minutes à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Display the Logon Failure Reason

    • Mis à jour le 18 Nov 2024
    • 5 Minutes à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    This step is mandatory for all installations where Return failure reason has been enabled.

    You can configure Digipass Authentication for Remote Desktop Web Access to pass information to Remote Desktop Web Access upon a failed authentication request. You can, for example, provide users with an explanation of why their logon failed, and with instructions to fix the problem. The authentication server will pass the error or status code and message text for the authentication server to Remote Desktop Web Access, which can then display the message verbatim or interpret the code to provide the user with a clear explanation or set of instructions.

    Configure the logon page

    You can replace the default Remote Desktop Web Access logon page with the one provided with the Digipass Authentication Module. This will allow Remote Desktop Web Access to display an authentication server error or status code and message on the user’s screen.

    To display the logon failure reason (without single sign-on)

    1. Back up the existing logon page, i.e. RDWeb\Pages\en-US\login.aspx.

    2. Copy the modified logon page from %PROGRAMFILES%\OneSpan\Digipass Authentication for Remote Desktop Web Access\Templates\RDWeb (Windows Server version\login.aspx to %WINDIR%\web\RDWeb\Pages\login.aspx.

      -OR-

      Modify the existing page with custom code.

      Modifying the existing page with custom OneSpan code should only be used as an alternative if copying over the templates does not work. This might be the case because the logon page was modified by Microsoft, e.g. with a patch. In that case, you need to modify the page manually: compare the template with the original file and merge the Digipass sections into the original file.

    3. In the Digipass Authentication for Remote Desktop Web Access Configuration Center, select Return failure reason and specify the URL of the failed logon page.

    To display the logon failure reason (with single sign-on)

    1. Back up the existing logon page, i.e. RDWeb\Pages\en-US\login.aspx.

    2. Copy the modified logon page from %PROGRAMFILES%\OneSpan\Digipass Authentication for Remote Desktop Web Access\Templates\RDWeb (Windows Server version\SSO\login.aspx to %WINDIR%\web\RDWeb\Pages\login.aspx.

      -OR-

      Modify the existing page with custom code.

      Modifying the existing page with custom OneSpan code should only be used as an alternative if copying over the templates does not work. This might be the case because the logon page was modified by Microsoft, e.g. with a patch. In that case, you need to modify the page manually: compare the template with the original file and merge the Digipass sections into the original file.

    3. Configure single sign-on (see Digipass Authentication for Remote Desktop Web Access with single sign-on).

    4. In the Digipass Authentication for Remote Desktop Web Access Configuration Center, select Return failure reason and specify the URL of the failed logon page.

    Modify the custom logon page

    If you have a custom logon page (login.aspx) in use, you may need to modify it rather than replace it with the logon page provided with Digipass Authentication for Remote Desktop Web Access.

    The logon page (login.aspx) will also be set up for 1-step Challenge/Response. However, these portions of the page will be ignored by Digipass Authentication for Remote Desktop Web Access, unless 1-step Challenge/Response is enabled in the configuration.

    To modify the custom logon page for displaying the logon failure reason (without single sign-on)

    1. Back up the existing logon page, i.e. RDWeb\Pages\en-US\login.aspx.

    2. Open %PROGRAMFILES%\OneSpan\Digipass Authentication for Remote Desktop Web Access\Templates\RDWeb (Windows Server version\login.aspx.

    3. Copy the following pieces of code to the appropriate location in your custom logon file:

      <!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following is required to display DIGIPASS failure reason -->
<%
System.String VascoFailCode = System.Web.HttpUtility.UrlDecode(Request.QueryString["failcode"]);
System.String VascoFailMessage = System.Web.HttpUtility.UrlDecode(Request.QueryString["failmessage"]);

if (!System.String.IsNullOrEmpty(VascoFailCode)) {
    VascoFailMessage = "(" + VascoFailCode + ") " + VascoFailMessage;
}

if (!System.String.IsNullOrEmpty(VascoFailMessage)) {
    bFailedLogon = true;
}
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->
      <!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following is required to display DIGIPASS failure reason -->
<%
if (String.IsNullOrEmpty(VascoFailMessage)) {
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->
      <!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following is required to display DIGIPASS failure reason -->
<%
} else {
%>
<td>
  <span class="wrng">DIGIPASS error: <%= VascoFailMessage %></span>
</td>
<%
}
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->

      Be careful to insert the code to the correct location in the file. Refer to the example file delivered with Digipass Authentication for Remote Desktop Web Access to find out where the custom code needs to go in your custom logon page.

    4. Save and close the custom logon file.

    To modify the custom logon page for displaying the logon failure reason (with single sign-on)

    1. Back up the existing logon page, i.e. RDWeb\Pages\en-US\login.aspx.

    2. Open %PROGRAMFILES%\OneSpan\Digipass Authentication for Remote Desktop Web Access\Templates\RDWeb (Windows Server version\SSO\login.aspx.

    3. Copy the following pieces of code to the appropriate location in your custom logon file:

      <!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following code is required for SSO -->
<%
if (Request.ServerVariables["HTTP_VASCO_SSO_ENABLED"] != null) {
%>
<script language="javascript" type="text/javascript">
  var g_bUseVascoSSO = true;
</script>
<%
}
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->

      <!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following code is required for SSO -->
<script language="JavaScript">
  function IsMsRdpClientShellSupported() {
    try {
      var objClientShell = new ActiveXObject("MsRdpWebAccess.MsRdpClientShell");
      return true;
    } catch (objException) {
      return false;
    }
  }

  function GetMsRdpWorkspaceWrapperCtrlDllName() {
    if (window.navigator.cpuClass == "x86") {
      return "DIGIPASS_MsRdpWebAccessXMT32.dll";
    } else if (window.navigator.cpuClass == "x64") {
      return "DIGIPASS_MsRdpWebAccessXMT64.dll";
    }
    return null;
  }

  function WriteMsRdpWorkspaceWrapperCtrlObject() {
    var strDllName = GetMsRdpWorkspaceWrapperCtrlDllName();
    if (strDllName != null) {
      document.write(
        "<OBJECT ID=\"DIGIPASS_MsRdpWebAccessX.MsRdpWorkspaceWrapperCtrl\" CLASSID=\"CLSID:954CC0FF-5085-46BF-8463-BFBFD70151C0\" CODEBASE=\"" + strDllName + "\"></OBJECT>"
      );
    } else {
      alert("Failed to determine browser bitness! Please use the recommended version of Internet Explorer.");
    }

    if (IsMsRdpClientShellSupported()) {
      WriteMsRdpWorkspaceWrapperCtrlObject();
    }
  }
</script>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->

      <!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following is required to display DIGIPASS failure reason -->
<%
System.String VascoFailCode = System.Web.HttpUtility.UrlDecode(Request.QueryString["failcode"]);
System.String VascoFailMessage = System.Web.HttpUtility.UrlDecode(Request.QueryString["failmessage"]);

if (!System.String.IsNullOrEmpty(VascoFailCode)) {
    VascoFailMessage = "(" + VascoFailCode + ") " + VascoFailMessage;
}

if (!System.String.IsNullOrEmpty(VascoFailMessage)) {
    bFailedLogon = true;
}
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->

<!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following is required to display DIGIPASS failure reason -->
<%
if (String.IsNullOrEmpty(VascoFailMessage)) {
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->

<!-- DIGIPASS Authentication for RDWeb Forms modifications : START -->
<!-- The following is required to display DIGIPASS failure reason -->
<%
} else {
%>
<td>
  <span class="wrng">DIGIPASS error: <%= VascoFailMessage %></span>
</td>
<%
}
%>
<!-- DIGIPASS Authentication for RDWeb Forms modifications : END -->

      Be careful to insert the code to the correct location in the file. Refer to the example file delivered with Digipass Authentication for Remote Desktop Web Access to find out where the custom code needs to go in your custom logon page.

    4. Save and close the custom logon file.

    5. Configure single sign-on (see Digipass Authentication for Remote Desktop Web Access with single sign-on).

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle