Fahad Anis Posted September 13, 2019 Share Posted September 13, 2019 Hi All, I have setup two portals behind NetScaler 12 as below. One content switch VS with two CS policies, check for (/selfservice and /rsaselfservice) and forward it to respected load balance VS. Both LB VS bind the same authentication VS (form based). AAA VS is using portal theme RFWEBUI. URL 1: https://example.com/selfservice >> Auth Policy : RSA Only URL 2: https://example.com/rsaselfservice >> Auth Policy: LDAP Only Requirement: I want to have customize a message on portal based on what URL user requesting. For Exp: When user requesting example.com/selfservice, user will see different message on portal and when they request example.com/rsaselfservice they will see different message on AAA logon page. Problem: Since I am using a same AAA virtual server for both URLs, how can I customize a message based on user request. I have already tried a rewrite response policy and bind it to LB VS but policy not getting hit. How can I achieve this? Please help. Link to comment Share on other sites More sharing options...
Daniel Marsh1709157095 Posted September 13, 2019 Share Posted September 13, 2019 Does this help? https://support.citrix.com/article/CTX208789 Policy would need to be bound to the AAA vserver not the LB vserver. Link to comment Share on other sites More sharing options...
Rasmus Kindberg Posted September 13, 2019 Share Posted September 13, 2019 I'm not 100% sure, but: above solution in https://support.citrix.com/article/CTX208789 would work if the theme wasn't RfWebUI. With RfWebUI, the HTML content displayed on AAA page is generated dynamically upon load and not read from a .html file (like tmindex.html). What you probably need to do is instead of a Responder Policy redirecting, you create a Rewrite that changes the HTML contents of the AAA HTML code returned and then bind the rewrite policy globally with an expression HTTP.REQ.HOSTNAME.SERVER.EQ("myaaa.mydomain.com") (you can't bind Rewrite to AAA vServers directly). Below is an example of a rewrite action that remove the 'Password 2' field that is displayed on AAA page when 2 factor auth is enabled. This particular Rewrite isn't related to above, but it should help you give an idea on how to specify the rewrite action. I think it will take some time for you to get it working, just so you know. add rewrite action RWA-RES-REMOVE_2ND_PASSWORD_FIELD_RFWEBUI replace_all "HTTP.RES.BODY(99999)" "\"\\r\\n\"+\n\"<style type=\\\"text/css\\\">\\r\\n\"+\n\"[for=\\\"passwd1\\\"] { display: none;}\\r\\n\"+\n\"#passwd1 { display: none; }\\r\\n\"+\n\"[for=\\\"response\\\"] { display: none;}\\r\\n\"+\n\"</style>\\r\\n\"+\n\"\\r\\n\"+\n\"</body>\\r\\n\"+\n\"</html>\\r\\n\"" -search "text(\"</body>\n</html>\")" Link to comment Share on other sites More sharing options...
Daniel Marsh1709157095 Posted September 17, 2019 Share Posted September 17, 2019 Just to clarify I meant use the policy to decode the NSC_TASS cookie for the referer URL, ignore the bit about rewriting tmindex.html. Then the rewrite policy would need to be bound to the AAA server. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now