Customer SSO enabled an application and wanted to prevent users from cancelling the ChangePassword using the OnException command. The section of the script that handled password change is similar to the one below;
#=====================================================================# # Change Password Prompt # # If the user cancels, call a sub routine to force them to change it # #=====================================================================# Dialog Class ""#32770"" Title ""Change Password"" EndDialog Type $Username #1015 Type $Password #1004 OnException ChangePasswordCancelled Call ChangePasswordForce ChangePassword ?NewPwd ""Please enter a new password for the Finance Application."" Type ?NewPwd #1005 Type ?NewPwd #1006 Click #1 ClearException ChangePasswordCancelled #=======================================================# # Change successful, save the password to the Directory # #=======================================================# Dialog Class ""#32770"" Title ""Change Successful"" EndDialog Click #2 Set $Password ?NewPwd Sub ChangePasswordForce MessageBox ""For security reasons, you cannot cancel this process."" ChangePassword ?NewPwd ""Please enter a new password for the Finance application."" Type ?NewPwd #1005 Type ?NewPwd #1006 Click #1 ClearException ChangePasswordCancelled EndSub
Everything seemed to work OK but when the sub routine ran (as scripted, if the user tried to cancel the change password process, the password changed but the mouse seemed to click more buttons and type more than expected.)
If the SSO administrator implements the command;
OnException ChangePasswordCancelled Call ChangePasswordForce
If the user clicks cancel on the SecureLogin Change Password prompt, the application connector (formerly called script) looks for the ChangePasswordForce sub routine.
The sub routine runs, then script execution is returned to the line after the Call command was issued. The script continues to run the lines below the OnException command. This is normal behaviour, a sub routine will return to the next line of the script once it has completed.
The SSO administrator added the EndScript command to the sub routine to force SecureLogin to exit instead of continuing processing the script.
Sub ChangePasswordForce MessageBox "For security reasons, you cannot cancel this process." ChangePassword ?NewPwd "Please enter a new password for the Finance application." Type ?NewPwd #1005 Type ?NewPwd #1006 Click #1 ClearException ChangePasswordCancelled EndScript EndSub