Ran into difficulties customizing a new NetScaler 11 Gateway. Although I was happy to finally be able to apply themes per NetScaler Gateway vServer, I quickly saw that this new option presents new challenges if you are looking to customize beyond what the themes allow.
Our goal was to add footer information on the front page in order to provide Help Desk contact info, a Citrix Receiver download link and the RSA Self Service portal. With NS 11, the problem is that the index.html file is no longer constructed the same as it was with 10.x.
Lets understand this a bit more.
With NetScaler Gateway 11, the logon form and pretty much the entire index.html body, is generated by 2 javascript files (gateway_login_view.js and gateway_login_form_view.js).
- gateway_login_view.js – creates the body and tables for the actual form
- gateway_login_form_view.js – creates the form itself, username and password fields, domain dropdown box, etc.
This naturally creates a headache if you are use to working with the 10.x firmware. As with 10.x you can accomplish most of the customization by directly modifying the index.html file, and creating a custom global policy user interface. On the other hand, this presented a challenge if you had to run multiple Gateway vServers with a custom UI, and you had to get pretty creative on how to overcome it.
For NS 11, I read a post where someone was struggling with a similar situation, luckily it pointed me in the right direction. The post suggested to modify or create a new gateway_login_view.js and/or gateway_login_form_view.js (you can read the post here).
Rather than modifying existing code or creating new files then having to deal with responder policies, etc. I figure I try to do this via the NetScaler Rewrite Policies and Actions to make it look something like the picture below.
Environment:
- Citrix NetsScaler 11.0Build 63.16.nc
- StoreFront 3.0
- RSA 8.1
Let’s get started.
- Add links at the bottom of the authentication page, unfortunately rewrite actions have a 255 character limit which you can easily bypass by adding “+” to the expression. Click here to view/download the syntax as WordPress messes with it.
2. Enable the EULA box by default:
add rewrite action ns_gtw_eula_checked_action replace_all “http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)” “\”type=\’checkbox\’ checked\”” -pattern “type=\’checkbox\'”
add rewrite policy ns_gtw_eula_checked_pol “HTTP.REQ.URL.CONTAINS(\”gateway_login_form_view.js\”)” ns_gtw_eula_checked_action
bind vpn vserver portal_netscaler -policy ns_gtw_eula_checked_pol -priority 110 -gotoPriorityExpression NEXT -type RESPONSE
3. Enable the Logon Button by default:
add rewrite action ns_gtw_LogonAutoEnable_rw_act replace_all “http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)” “\”\’disabled\’:\’\’\”” -pattern “\’disabled\’:\’disabled\'”
add rewrite policy ns_gtw_LogonAutoEnable_rw_pol “HTTP.REQ.URL.CONTAINS(\”gateway_login_form_view.js\”)” ns_gtw_LogonAutoEnable_rw_act
bind vpn vserver portal_netscaler -policy ns_gtw_LogonAutoEnable_rw_pol -priority 120 -gotoPriorityExpression END -type RESPONSE
Hope this helps :)
Disclaimer:
I do not accept any responsibility or liability for the accuracy, content, completeness, legality, or reliability of the information contained on this website.
