How to prevent users from being able to cancel when they should be correcting invalid credentials

  • 7940110
  • 19-Aug-2009
  • 26-Apr-2012

Environment

SecureLogin
SecureLogin SSO
3.04 and later
MS AD, LDAP, NT4, Citrix, Terminal Services


Situation

Issue

Customer SSO enabled an application. The first time the application runs after it has been SSO enabled, the user must “tell” SecureLogin their logon credentials so SecureLogin can remember them in future. SecureLogin can also detect invalid credentials are stored and prompt the user to verify them before retrying logon.

When SecureLogin prompts the user to enter their variables (i.e. username and password), users clicks cancel without correcting the problem.

The customer wants to prevent the user from clicking cancel. Instead, they want SecureLogin to force the user to enter their username and password when they are initially prompted or correct them if they have invalid credentials stored.

Resolution

Cause

Prevent users from cancelling both the SecureLogin prompt that appears if no credentials are stored and the prompt that appears if invalid credentials are stored.

Solution

This can be achieved using the OnException command. When a user clicks cancel on the SecureLogin prompt invoked by the DisplayVariables command, the specified sub routine is run.

Note: The command to force the initial entry of credentials must appear in the script before logon is attempted.

Simple Example Script:

#================# # Logon Failed # #================# Dialog Title ""Logon Failed"" Class #32770 EndDialogClick #2 OnException EnterVariablesCancelled Call EnterVariablesForce DisplayVariables ""Your Username and/or Password is invalid. Correct them and click OK."" Type $Username #1005 Type $Password #1006 Click #1 ClearException EnterVariablesForce#==========================================# # Sub Routine called if user clicks Cancel # #==========================================# Sub EnterVariablesForce DisplayVariables ""Your Username and/or Password is invalid. Correct them and click OK."" Type $Username #1005 Type $Password #1006 Click #1 ClearException EnterVariablesForce EndScript EndSub

Note: As per the example above, the EndScript command must exist in the Sub Routine since you don’t want the script to continue executing at the line directly after the OnException higher in the script.

Complete Example Script:

#=================================================================# # New Password must meet the strong policy # # Uncomment this line and create the Password Policy if required # #=================================================================# #RestrictVariable ?NewPwd PasswordTestPwdPolicy#=================================================================# # If user cancels entering credentials, force them to # #=================================================================# OnException EnterVariablesCancelled Call EnterCredentialsForce#===============# # Logon Prompt # #===============# Dialog Class ""#32770"" Title ""Login"" EndDialogSetPrompt ""Username ===>"" Type $Username #1001 SetPrompt ""Password ===>"" Type $Password #1002 SetPrompt ""Domain ===>"" Type $Domain #1003 Click #1 

SetPrompt ""Please enter your credentials for the demonstration application.""

#=========================# # Change Password Prompt # #=========================# Dialog Class ""#32770"" Title ""Change Password"" EndDialog#=======================================================# # Backup current password in case change password fails # #=======================================================# Set ?SavePwd $Password#=======================================================# # Enter the Username and current Password, as required # #=======================================================# Type $Username #1015 Type $Password #1004#===============================================================# # Prompt the user to choose a new password and verify it # # OnException activates if the user clicks cancel on the change # # password box # # Uncomment ""Random"" line to randomly generate a password (and # # comment other line) # #===============================================================# OnException ChangePasswordCancelled Call ChangePwdForce ChangePassword ?NewPwd ""Please enter a new password."" #ChangePassword ?NewPwd Random#==================================================================# # If the user tried to make the new password the same as the old # # Force them to retry the change, otherwise, enter and set the new # # password # #==================================================================# If ?NewPwd Eq $Password Call RetryChangePwd Else Type ?NewPwd #1005 Type ?NewPwd #1006 Click #1 ClearException ChangePasswordCancelled EndIf#==================================================# # Password Change Failed Message # # Clear the error and revert to the old password # #==================================================# Dialog Title ""Change Failure"" Class #32770 EndDialogClick #2 Set $Password ?SavePwd MessageBox ""Change Password Failed!!""#======================================# # Change Password Successful Message # # Store the new password is SSO # #======================================# Dialog Title ""Change Successful"" Class #32770 EndDialog

Set $Password ?NewPwd

#===============================================================# # Login Failure Message # # Prompt the user to verify their credentials and retry logon # # Alt+F and L Type File>Logon to retry logon to the application # #===============================================================# Dialog Title ""Login Failure"" Class #32770 EndDialogClick #2 OnException EnterVariablesCancelled Call VerifyCredentialsForce DisplayVariables ""The Username and/or Password is invalid."" $Username $Password Type –Raw ""\Alt+f"" Type –Raw ""L"" #=====================================================================# # Sub Routine called if the user tries to cancel entering credentials # #=====================================================================# Sub EnterCredentialsForce DisplayVariables ""You must enter your credentials and click OK to try again."" $Username $Password $Domain EndSub#===========================================================# # Sub Routine called if the user tries to cancel verifying # # credentials after failed logon # #===========================================================# Sub VerifyCredentialsForce DisplayVariables ""You must verify your credentials and click OK to try again."" EndSub#============================================================================# # Sub Routine called if the user tries to cancel the Change Password process # #============================================================================# Sub ChangePwdForce ChangePassword ?NewPwd ""You must change your password now and CANNOT cancel!"" If ?NewPwd Eq $Password Call RetryChangePwd Else Type ?NewPwd #1005 Type ?NewPwd #1006 Click #1 ClearException ChangePasswordCancelled EndScript EndIf EndSub#=========================================================# # Sub Routine to handle new password the same as the old # #=========================================================# Sub RetryChangePwd ChangePassword ?NewPwd ""Your new password must be different from your old password."" If ?NewPwd Eq $Password Call RetryChangePwd Else Type ?NewPwd #1005 Type ?NewPwd #1006 Click #1 ClearException ChangePasswordCancelled EndScript EndIf EndSub

Feedback service temporarily unavailable. For content questions or problems, please contact Support.