NetScaler Gateway 11 footer customization
January 14, 2016 13 Comments
Ran into difficulties customizing a new NetScaler 11 Gateway. Although I was happy to finally be able to apply themes per NetScaler Gateway vServer, I quickly saw that this new option presents new challenges if you are looking to customize beyond what the themes allow.
Our goal was to add footer information on the front page in order to provide Help Desk contact info, a Citrix Receiver download link and the RSA Self Service portal. With NS 11, the problem is that the index.html file is no longer constructed the same as it was with 10.x.
Lets understand this a bit more.
With NetScaler Gateway 11, the logon form and pretty much the entire index.html body, is generated by 2 javascript files (gateway_login_view.js and gateway_login_form_view.js).
- gateway_login_view.js – creates the body and tables for the actual form
- gateway_login_form_view.js – creates the form itself, username and password fields, domain dropdown box, etc.
This naturally creates a headache if you are use to working with the 10.x firmware. As with 10.x you can accomplish most of the customization by directly modifying the index.html file, and creating a custom global policy user interface. On the other hand, this presented a challenge if you had to run multiple Gateway vServers with a custom UI, and you had to get pretty creative on how to overcome it.
For NS 11, I read a post where someone was struggling with a similar situation, luckily it pointed me in the right direction. The post suggested to modify or create a new gateway_login_view.js and/or gateway_login_form_view.js (you can read the post here).
Rather than modifying existing code or creating new files then having to deal with responder policies, etc. I figure I try to do this via the NetScaler Rewrite Policies and Actions to make it look something like the picture below.
Environment:
- Citrix NetsScaler 11.0Build 63.16.nc
- StoreFront 3.0
- RSA 8.1
Let’s get started.
- Add links at the bottom of the authentication page, unfortunately rewrite actions have a 255 character limit which you can easily bypass by adding “+” to the expression. Click here to view/download the syntax as WordPress messes with it.
2. Enable the EULA box by default:
add rewrite action ns_gtw_eula_checked_action replace_all “http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)” “\”type=\’checkbox\’ checked\”” -pattern “type=\’checkbox\'”
add rewrite policy ns_gtw_eula_checked_pol “HTTP.REQ.URL.CONTAINS(\”gateway_login_form_view.js\”)” ns_gtw_eula_checked_action
bind vpn vserver portal_netscaler -policy ns_gtw_eula_checked_pol -priority 110 -gotoPriorityExpression NEXT -type RESPONSE
3. Enable the Logon Button by default:
add rewrite action ns_gtw_LogonAutoEnable_rw_act replace_all “http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)” “\”\’disabled\’:\’\’\”” -pattern “\’disabled\’:\’disabled\'”
add rewrite policy ns_gtw_LogonAutoEnable_rw_pol “HTTP.REQ.URL.CONTAINS(\”gateway_login_form_view.js\”)” ns_gtw_LogonAutoEnable_rw_act
bind vpn vserver portal_netscaler -policy ns_gtw_LogonAutoEnable_rw_pol -priority 120 -gotoPriorityExpression END -type RESPONSE
Hope this helps 🙂
Disclaimer:
I do not accept any responsibility or liability for the accuracy, content, completeness, legality, or reliability of the information contained on this website.
HI, tried to follow you in this steps, but im not get this to work. Used same policy as you, the auto check rewrite and logon button is not working. Tried to get the basic text at the end, but this rewrite also not work. Is there a way to trobbleshut this? (Has copy, pasted you config from the .txt file)
Use this Netscaler version 11.0 build 64.34nc and with X1 theme.
Thanks for help 🙂
Mmmm. I made my changes with a copy of the Greenbubble theme.
I would have to create a new vServer and apply the X1 theme and see if it would work.
This is insane Daniel. Thank you for sharing. Worked perfectly for me using a the greenbubble theme, which we made it look like X1.
I also have Netscaler version 11.0 build 64.34nc and with X1 theme, but I could not get it to work. The footer doesn’t show at all. Could you please help?
It didn’t work for me. I followed your steps but nothing showed in the footer. I tried the Greenbubble and X1 but nothing worked.
Could you please take a look when you have a chance?
Not sure if it’s related to Netscaler version. I also have Netscaler version 11.0 build 64.34nc.
did you get this to work? I have NS11.0 65.35nc with no luck
tried it also but I have a strange behavoir. If I connect with IP https://xxx.xxx.xxx.xxx it works. When I try it with the dns Name https://my.netscaler.com it doesn’t work?
Great article Daniel. One follow up. The .js files are cached by default. In our case the text wasn’t displayed without clearing the cache. However you cannot flush cache without a license for integrated caching. In our case this ment editing the text. Performing a HA failover. people that do have an enterprise license can flush the cache in the integrated caching section
Hi Daniel,
Can you please tell me how can i change favicon for Netscaler 11 weblogon page? And also, how can i change the background logon page with a text message?
Thank you,
Edi
Edi,
What exactly do you mean the background login page with text message. Do you mean how to change the content of the text I provided? Can you provide me with a screenshot of what you are thinking to do?
I mean that i have set for background login page one image (via Netrscaler GUI customization) with authorization message but i do not like it and i want to insert a text message. See attached picture.
On Wed, Jul 13, 2016 at 3:08 PM, Daniel Ruiz – Blog wrote:
> CyberRuiz commented: “Edi, What exactly do you mean the background login > page with text message. Do you mean how to change the content of the text I > provided? Can you provide me with a screenshot of what you are thinking to > do? ” >
I mean that i have set for background login page one image (via Netrscaler GUI customization) with authorization message but i do not like it and i want to insert a text message. Do you have any idea? How can i send you a screenshot?
Edi,
Sorry for the late response. My day job kicked my @$$ yesterday and was not able to respond to my blog comments.
Send me the screenshot to danielruiznet@icloud.com
Thanks
Daniel