Strange behaviour using sub routines in application definitions

  • 7940292
  • 19-Aug-2009
  • 30-Jan-2014

Environment

SecureLogin
SecureLogin SSO
All Versions


Situation

Issue

Customer SSO enabled an application and wanted to prevent users from cancelling the ChangePassword using the OnException command. The section of the script that handled password change is similar to the one below;

 #=====================================================================# 
# Change Password Prompt # 
# If the user cancels, call a sub routine to force them to change it # #=====================================================================# 
Dialog Class ""#32770"" 
Title ""Change Password"" 
EndDialog 

Type $Username #1015 
Type $Password #1004 
OnException ChangePasswordCancelled 
Call ChangePasswordForce 
ChangePassword ?NewPwd ""Please enter a new password for the Finance Application."" 
Type ?NewPwd #1005 
Type ?NewPwd #1006
Click #1 ClearException ChangePasswordCancelled #=======================================================#
 # Change successful, save the password to the Directory # #=======================================================#
Dialog Class ""#32770""
Title ""Change Successful"" 
EndDialog Click #2 
Set $Password ?NewPwd

Sub ChangePasswordForce 
MessageBox ""For security reasons, you cannot cancel this process."" 
ChangePassword ?NewPwd ""Please enter a new password for the Finance application."" 
Type ?NewPwd #1005 
Type ?NewPwd #1006 
Click #1 
ClearException ChangePasswordCancelled 
EndSub

Everything seemed to work OK but when the sub routine ran (as scripted, if the user tried to cancel the change password process, the password changed but the mouse seemed to click more buttons and type more than expected.)

Resolution

Cause

If the SSO administrator implements the command;

OnException ChangePasswordCancelled Call ChangePasswordForce

If the user clicks cancel on the SecureLogin Change Password prompt, the application connector (formerly called script) looks for the ChangePasswordForce sub routine.

The sub routine runs, then script execution is returned to the line after the Call command was issued. The script continues to run the lines below the OnException command. This is normal behaviour, a sub routine will return to the next line of the script once it has completed.

Solution

The SSO administrator added the EndScript command to the sub routine to force SecureLogin to exit instead of continuing processing the script.

Sub ChangePasswordForce 
MessageBox "For security reasons, you cannot cancel this process."
ChangePassword ?NewPwd "Please enter a new password for the Finance application."
Type ?NewPwd #1005 
Type ?NewPwd #1006 
Click #1 
ClearException ChangePasswordCancelled  
EndScript 
EndSub