SecureLogin script does not re-enter corrected credentials

  • 7000568
  • 22-Mar-2012
  • 26-Apr-2012

Environment

Novell SecureLogin
NSL7.0.x
Windows application
Manually written application definition script 

Situation

SecureLogin detects incorrect password and prompts user to correct it, but does not enter the corrected passsword
SecureLogin script stops executing instead of entering correct password.
 

Resolution

Use the NSL scripting wizard to generate the application definition, then edit the applicaiton definition through the wizard to include error handling.  To add error handling to a wizard - generated script  do the following:
 
1. Open Manage Logins on the workstation
2.  Go to the "definition" tab for the application
3.  Double click "Logon Notification"
4. Follow the prompts.
 
This adds functionality to the application definition to correct the password and re-enter it.
 

Additional Information

If desired, compare the problem script with the working wizard-generated script.  Click the "convert to application definition" button to convert the wizard generated definition into script format. 
 
In this case, the problem occurred because the application did not re-present the login dialog after the initial failed login. SecureLogin acts once (and only once) on each dialog statement as it is presented.  The wizard generated script included a few things the manually script did not to inform SecureLogin that it should act upon the login dialog again.  Specifically:
 
1. A second, (almost) duplicate section for the main user authentication, that included as part of the dialog statement the condition:
Event SSO_NOTIFY 
This told SecureLogin to act again if the Windows event "SSO_NOTIFY" had been triggered. 
 
2.  In the section of the script for the failed authentication notification, a command to trigger the Windows event "SSO_NOTIFY":
SendEvent ?LOGINWINDOWHANDLE SSO_NOTIFY   
For more detail see "SendEvent"  in the
Application Definition Guide section of the online documentation

3. In both of the user authentication sections, logic to see if the SSO_Notify event was present:
GetHandle ?LOGINWINDOWHANDLE    

(See GetHandle in the online docs- same link as above)
 
Adding the above to the manually written script enabled it to run just as well as the wizard generated script.