Forum Discussion
CirrusVerify that user name when logging in is an Email address
We have implemented an APM on our system to bring multiple systems into one central portal. It works well as long as everything is entered correctly, but I discovered one bug today. They way it works is it initially looks at the subnet that the user is connecting with. If they are are on a corporate subnet, it authenticates via NTLM. If they are on an external subnet, it takes them to an logon page. The external logon page is also used by several of our customers and they have accounts created in our external domain. This branch of the APM looks at email address on the logon and then decides to route to either our internal DC for authentication (if the logon contains *@mycompany.com) or to the external DC if it contains anything else (we have multiple external emails that are mapped to external domain accounts).
I have the logon box labeled "Email", but i have found that if the user logs in with anything other than email address, such as first.last, it automatically creates a session to authenticate against the external domain, since it did not contain *@mycomany.com, and every attempt after will fail. If email is put in, it works proper every time.
Does anyone have a way to verify at the logon page that there is an "@" symbol in the logon before it moves down the APM flow? That or either loop back through full APM on every logon attempt.
Thanks,
Mike
Sorry, please locate the foreach loop below and add a case for email and it should works now :
switch( $field_settings["type"] ){ case "select": foreach( $options as &$o ){ $fieldStr .= "{$o}"; } $fieldStr = "{$fieldStr}"; break; case "radio": foreach( $options as $k=>&$o ){ $fieldStr .= "{$o}"; } break; case "checkbox": case "text": case "password": $fieldStr = ""; break; case "email": $fieldStr = ""; break; }
10 Replies
Yann_Desmarest_Nacreous
Hello,
You can modify the logon page to add input validation so that normal users will not be able to submit anything except email addresses. You can do this by changing the input type in the Advanced Customization settings. Locate the logon.inc used by your access profile and change
1 => array( "type" => "text", "name" => "username", "varname" =>"username", "rw" => "1", "caption" => '%[logon_field_1]', "selectvalues" => "" ),by
1 => array( "type" => "email", "name" => "username", "varname" =>"username", "rw" => "1", "caption" => '%[logon_field_1]', "selectvalues" => "" ),
mike_drennen_16Thanks for the response, that definitely looks like exactly where i need to be making changes. When i changed the field settings to "email", it removed the text box when i go to the logon screen. If i leave it "text" or set it to "password", it does as expected.
Yann_DesmarestHello,
You can modify the logon page to add input validation so that normal users will not be able to submit anything except email addresses. You can do this by changing the input type in the Advanced Customization settings. Locate the logon.inc used by your access profile and change
1 => array( "type" => "text", "name" => "username", "varname" =>"username", "rw" => "1", "caption" => '%[logon_field_1]', "selectvalues" => "" ),by
1 => array( "type" => "email", "name" => "username", "varname" =>"username", "rw" => "1", "caption" => '%[logon_field_1]', "selectvalues" => "" ),- mike_drennen_16Thanks for the response, that definitely looks like exactly where i need to be making changes. When i changed the field settings to "email", it removed the text box when i go to the logon screen. If i leave it "text" or set it to "password", it does as expected.
- Yann_Desmarest
Sorry, please locate the foreach loop below and add a case for email and it should works now :
switch( $field_settings["type"] ){ case "select": foreach( $options as &$o ){ $fieldStr .= "{$o}"; } $fieldStr = "{$fieldStr}"; break; case "radio": foreach( $options as $k=>&$o ){ $fieldStr .= "{$o}"; } break; case "checkbox": case "text": case "password": $fieldStr = ""; break; case "email": $fieldStr = ""; break; }- Yann_DesmarestJust to precise that the email input is html5. It may be not supported on F5. If the above code fails. I would recommend to create a macro on the vpe that include the logon page with an additional branch that look for an email within the username variable (you can use a tcl expr). If the user goes to the fallback branch, You loop until the user set something that can be à valid email address in the field.
- mike_drennen_16That works perfect. thanks a lot.
- Yann_Desmarest_
Sorry, please locate the foreach loop below and add a case for email and it should works now :
switch( $field_settings["type"] ){ case "select": foreach( $options as &$o ){ $fieldStr .= "{$o}"; } $fieldStr = "{$fieldStr}"; break; case "radio": foreach( $options as $k=>&$o ){ $fieldStr .= "{$o}"; } break; case "checkbox": case "text": case "password": $fieldStr = ""; break; case "email": $fieldStr = ""; break; }- Yann_Desmarest_Just to precise that the email input is html5. It may be not supported on F5. If the above code fails. I would recommend to create a macro on the vpe that include the logon page with an additional branch that look for an email within the username variable (you can use a tcl expr). If the user goes to the fallback branch, You loop until the user set something that can be à valid email address in the field.
- mike_drennen_16That works perfect. thanks a lot.
