Custom WebAuth issues

Similar Messages

• Custom WebAuth Issues "Error Code 1"

  Hi All,
  Being experimenting in the Custom Webauth uploads. The main problem I have is my company does not want to issue a username/password to each vistor so we just have a static credentials that change weekly. In the custom webauth this mean error code 1 is issued by the controller "the user is already logged in" Go Figure! All browsers apart from IE ignore this and redirect as normal. IE being the pain it is displays the message but does not redirect. This means the user goes into a constant login loop trying over and over again. But in fact they have already authenitcate and all they need do is browse away from the login.
  Does anyone know how I can ignore error code 1 all together. Its funny the built in page doesn't even care about this and when I captured that and uploaded the failed login script stopped working. I guess different error codes are used when using a custom webauth.
  Think Cisco need to update the templates anyway for the latest browsers.
  Thanks,
  Darren

  I'm not sure if this would help, but could you use this command to stop the checks for multiple logins and hopefully not generate the error code? From the 7.0 config guide:
  "config advanced eap max-login-ignore-identity-response {enable | disable}—When enabled, this command limits the number of devices that can be connected to the controller with the same username. You can log in up to eight times from different devices (PDA, laptop, IP phone, and so on) on the same controller. The default value is enabled."

• Custom webauth settings in between Anchor & Foreign

  Hi techies,
  We have implemented a new wireless mobility guest SSID in between the anchor and multiple foreign controllers.
  We are using a custom webauth page, written by the customer, which was working great.
  Since we've upgraded to 7.2.115.2, we receive a couple of complaints from users saying that they receive the default Cisco web auth login page, instead of the custom. But, after they successfully logged on, they see the successfull page of the custom webauth package? Which seems quite strange. It seems like the webauth pages from the default Cisco one and our custom are getting mixed during the authentication process.
  I have read in the mobility design guide about which settings should be absolutely identical in between the anchor & foreign controller(s).
  So I've checked them and I see a difference in the web auth settings, under the security tab in the WLC, which tells the controller if it must use the default internal page, or a custom one. We've uploaded the custom web-auth package only to the anchor controller. The foreign controller have this option set to "Internal (default)".
  Do we need to upload the same custom webauth .tar package to all of the foreign controllers to mitigate this?
  It seems I can't find it in any ofthe cisco docs available..
  Thanks!
  Dion Dohmen

  I think there was an issue with what you are seen with versions of 7.2. The webauth should be in the anchor WLC no matter what. You can search the forums as others have ran into that issue also.
  Sent from Cisco Technical Support iPhone App

• Need my custom webauth page displayed with HTTP instead of HTTPS

  I have a custom webauth page installed that I am using with web passthrough authentication on my WLC2006 in order to put up a acceptable use policy page.
  The WLC uses HTTPS to display this which causes a security certificate warning to appear if I go with the WLC's own self-signed certificate. Is there a way I can get the WLC to use plain HTTP to display this page instead so I can eliminate the warning?
  I have already tried installing a trusted 3rd party certificate on the WLC, but I have this very strange problem where mucking with the WLC's web authentication certificate in any manner causes all network activity on the WLC to break except for CDP and ARP, essentially leaving the WLC dead. Three weeks of troubleshooting with Cisco TAC has yielded no progress on that front so now I am trying to bypass the need for a security certificate altogether since I really don't need to encrypt my acceptable use policy page.

  The documentation doesn't provide very clear direction, does it?
  To download the WLC's default webauth page, browse to the controller's Security > Web Login Page. Make sure the web authentication type is Internal (Default). Hit the Preview button. Then use your browser's File > Save As... menu item to save the HTML into a file. Edit this to your liking and bundle it and any graphics images up into a TAR archive, then upload via the controller's COMMAND page.

• WLC 7.2 code and Custom WebAuth

  Is there a way to associate a Custom Downloaded page to 1 and only 1 AP/guest account, leaving the rest using the default?
  It appears to be a global condition.
  the folks at the Law Library have/want their own verbage for their guests and receive the usual daily guest key..  I want the default page for all the other 'guest accounts' on the controller.
  currently the LawLib AP resides on a WiSM while all the rest of the production devices are on 5508's, and I want to kill the WiSM.
  David

  To explain it better, you only can define a certain WebAuth page per SSID and that is why having a separate SSID for the library is a better way of doing things. This allows guest users to know what SSID they should connect to and separates in a way the normal guest from the library guest. It doesn't mean that the guest or library guest won't connect to the other SSID but at least you have the correct verbiage on each custom WebAuth HTML page.
  Sent from Cisco Technical Support iPhone App

• Custom component issue

  Custom component issue
  According to customer requirements, we want to get such an effect in the development of custom components:
  Drag and drop custom components to the Flex builder work area, it can generate more than the default properties, not just generate "x", "y" attribute.
  【Details are as follows】
  We design a custom panel "CustomPanel.mxml" in the project development, then drag it into the workspace in the Flex builder development environment.
  View the source code found that it can only generate "x", "y" attribute in default. That is:
  <ns2:CustomPanel x="105" y="74">
  </ns2:CustomPanel>
  【Issue】
  How can we do that when drag the 'custom component' into Flex builder workspace,  we can generate "layout" attribute in addition to "x", "y" attributes?
  That is:
  <ns2:CustomPanel x="105" y="74" layout="absolute">
  </ns2:CustomPanel>
  【Note】
  The following code will be generated when the "panel component comes with Flex builder environment" is dragged into workspace.
  <mx:Panel x="121" y="134" width="250" height="200" layout="absolute">
  </mx:Panel>
  How it is done?

  I am sorry to bother you again.
  I have tried the web site content, but it can't helped!
  There is a custom component called 'Basket', source code is as follows:
  package picnic
  import mx.containers.Panel;
  public class Basket extends Panel
    public function Basket()
     super();
     layout = "vertical";
     setStyle("backgroundColor", 0x00FFFF);
     setStyle("horizontalAlign", "center");
  Here it is worked when the attribute "layout" is set to "vertical", but it isn't when "layout" is set to "absolute" !
  When the property is set to "absolute" phenomenon is as follows:
  Drag component such as 'Button' into "picnic component". It will automatically go to the top left corner position,
  just like the 'layout-attribute' is not set.
  Why is there such a phenomenon?

• Viewing/uploading customized WebAuth pages

  Howdy,
    I've got a 5508 running 7.6.100 acting as an anchor in a remote location. It is using customized WebAuth pages but I'm needing to verify the actual html content of those pages as they are in use today. Downloading a new WebAuth bundle is easy, and I know I can preview the WebAuth login page, and I've got the pages that 'should' have been downloaded to the controller- I need to see what's there now. Alas, because of my location, I can't simply toss a client on the WLAN to examine the pages either.
    Before having to overwrite the existing pages, does anyone have a way to upload or view customized pages on the WLC?

  AHA! CLI and Google-fu remain my best friends.
  Although the GUI in this version does not allow UPloading WebAuth bundles from the WLC, you can do it from the CLI, you just need the commands....
  Fire up your TFTP server (you could use FTP), and set the transfer commands using CLI on the WLC
    TRANSFER UPLOAD MODE tftp
    TRANSFER UPLOAD DATATYPE WEBAUTHBUNDLE
    TRANSFER UPLOAD SERVERIP tftp-server-address
    TRANSFER UPLOAD FILENAME destination-filename
    TRANSFER UPLOAD START
  Check your settings and click 'y' to start
  Viola, a copy of the current WebAuth bundle! Unzip the bundle and you can see the current web pages used.

• How do I contact Verizon corporate regarding customer service issues?

      I'm trying to escalate an issue that I have with customer service and just can't seem to find out how to contact corporate to discuss my issue.  I have talked to customer service supervisers and asked them to escalate my complaint.  After being told it would be 5-7 days to respond, I'm still waiting.  Any help in contacting the right department at corporate would be helpful.

  Hello asianguy1964,
  I am available to assist and address any concerns that you may have in reference to customer service issue! May I ask is your posting regarding a billing issue, wireless service issue, or a interaction with a representative? Also, were you provided a reference number to your complaint? If you have a reference number then I can check on the status of your concern. Prior to investigating your reference number, would you be kind as to share the details of the issue as I'm condifent that we can If I am unable to provide a solution for you then the additional information will help me forward your concern to the appropriate channel. I look forward to hearing from you in the near future.
  Thank you...
  ArnettH_VZW
  Follow us on Twitter @vzwsupport

• Custom WebAuth

  I am basically trying to take the e-mail pass-through page and manipulate the simple html code say Signature instead of Email Address. However Every time I copy the code and open up the login.html that I upload with the custom webauth page I no longer have a submit button and even when I hit enter it no longer redirects me anywhere. Basically the need for this is to have the users name in the system to log them. We are just trying to figure out if there is a way for a guest to self register themselves by reading a license agreement and then signing at the bottom. Thanks in advance for any help that could be provided

  Just in case somebody is having the same problem.
  I did a "view source" from the internal web auth webpage and saved it to login.html.
  The internal webpage file path and the "Customised (Downloaded)" filepath are two different locations. So when you upload the login.html page you also need to bundle in loginscript.js (however I would rename loginscript.js to something else and change the reference to it in login.html). Here is the code for loginscript.js
  function getHtmlForButton(nameStr, str, bClass,onClickFn){
      if(nameStr == null || nameStr ==""
        || str == null || str ==""
        || onClickFn == null || onClickFn =="") {
          debugMsg("One of the input params for the button is not available");
          return;
      document.writeln('');
  function submitAction(){
    if(document.forms[0].err_flag.value == 1){
      // This case occurs when user's attempt to login failed
      // and he is going to login again. This means we have already
      // extracted redirect url in his first attempt and its stored
      // in redirect_url input element. so just submit the form
      document.forms[0].err_flag.value = 0;
      document.forms[0].buttonClicked.value = 4;
      document.forms[0].submit();
    }else{
        var link = document.location.href;
        //alert("Link is "+link);
        var searchString = "?redirect=";
        var equalIndex = link.indexOf(searchString);
        var redirectUrl = "";
        if(equalIndex > 0) {
              equalIndex += searchString.length;
              redirectUrl=link.substring(equalIndex);
              var index=0;
              //add http only if url does not have
              index=redirectUrl.indexOf("http");
              if(index != 0){
                 redirectUrl = "http://"+ redirectUrl;
        if(redirectUrl.length > 255){
            redirectUrl = redirectUrl.substring(0,255);
        document.forms[0].redirect_url.value = redirectUrl;
        //alert("redirect url is "+document.forms[0].redirect_url.value);
        document.forms[0].buttonClicked.value = 4;
        document.forms[0].submit();
  function submitOnEnter(event)
    var NS4 = (document.layers) ? true : false;
    var code = 0;
    if (NS4)
      code = event.which;
    else
      code = event.keyCode;
    if (code==13) submitAction(); // 12 corresponds to enter event
  function checkForMsg(){
      if(document.forms[0].info_flag.value == 1){
          alert(document.forms[0].info_msg.value);

• Custom WebAuth WLC 5760

  I want to setup a custom webauth for my WLC 5760. I already downloaded the webauth bundle and put it in WLC via Command Download in WLC GUI. According to Guide, after the download completed, the custom page will appear in custom page dropdown for web parameter map.
  But in my case it shows nothing. So where did I miss ?
  Thank You

  Hi
  Pls refer this document 
  http://www.cisco.com/c/en/us/support/docs/wireless/5700-series-wireless-lan-controllers/117728-configure-wlc-00.html
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Guest-User custom Webauth Page

  I have created and loaded a custom webauth page on my 4400-Software version 4.2.61.0. The TAR file loaded successfully on the controller.
  When a user logs in they get an ip however they never get re-directed to the page. It doesn't even try. When I try to web to 1.1.1.1 it displays page cannot be displayed.
  The Default WEB page works just fine.
  Any ideas?

  Same problem here.
  I have tried several webauth bundles (all upload fine). The client gets and IP, resolves the remote webserver address and is redirected to http://1.1.1.1 etc etc with all the correct parameters in the url, but the browser just displays a blank page. Running version 5.1.151.0. If I change Layer 3 security to Internal, I get the standard page displayed fine.

• Is there a way to backup the Custom WebAuth from the WLC?

  is there any way to get the tar file (or all of the individual files) of the custom webauth pages from the WLC as we have lost our backup (dont ask, even I'm not sure how that happened)

  Yes simply connect to the guest SSID and save the pages, that will capture the script, jpg and html file, choose save as webpage complete

• More than one customized webauth

  Hello,
  If possible i would like to use diffrent customized webauth page for to 2 diffrerents guest SSID.
  When the controller download the bundle (login.tar) it verify that login.html exist. If not -> error
  So it does not look possible to have differents login page.
  But why is it possible to assign Login, Login Failure, and Logout Pages per WLAN ?
  WLC5500 - 7.0.98
  Philippe

  As far as I know, in the webauth bundle you can add several customized webauths and then, when you configure your SSID, in security/layer3 you can override the global configuration and, for the list of all the files you download from the webauth list, select the file you want to use like "login webauth" only for this ssid, in this manner you could select differents webauth login pages for any ssid you need.
  Best regards.

• Customized webauth redirect to favorites tabs

  Hi!
  I´m trying to create a Customized WebAuth page for WLC 5.0. The dilemma is that customers that have several tabs that starts different webpages at start of the webbrowser would like to have those tabs redirected to the chosen startpage for every tab after login. As it is now the customized webauth appears on every tab and when You try to hit the update buttom on the webbrowser a popupmessagebox appear with the notice that Your already logged in. Instead of that message I would like to be redirected to the appropriate website chosen for that specifik tab. Hope You understand the dilemma and that there are someone that have an answer to share. How do I configure the customized "Login.html" to achieve the desired act?
  Regards
  Peter Vahlersvik

  In order to have the web page load properly, it is not sufficient to set the web-authentication type as customized globally in the Security > Web Auth > Web login page. It must also be configured on a particular WLAN . In order to do this, complete these steps:
      Log into the GUI of the WLC.
      Click on the WLANs tab, and access the profile of the WLAN configured for Web-authentication.
      On the WLAN > Edit page, click the Security tab. Then, choose Layer 3.
      On this page, choose None as the Layer 3 Security.
      Check the Web Policy box, and choose the Authentication option.
      Check the Over-ride Global Config Enable box, choose Customized (Downloaded) as the Web Auth Type, and select the desired login page from theLogin Pagepull down menu. Click Apply

• Custom Authentication Issue with Policy Agent

  Hi,
  I have a custom authentication module which is hosted on the BEA application server and I am trying to access through the policy agent on apache.
  I have set the following property in AMAgent.properties file
  com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login
  So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication is succeed, user sesion is being created and I get the following error message in the agent log file.
  2004-10-19 16:20:26.908 Error 27620:e1140 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:3
  2004-10-19 16:20:26.908 128 27620:e1140 RemoteLog: User unknown was denied access to http://hostname:port/weblogic/protapp/protected/a.html.
  2004-10-19 16:20:26.908 Error 27620:e1140 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
  2004-10-19 16:20:26.909 Error 27620:e1140 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
  2004-10-19 16:20:26.909 -1 27620:e1140 PolicyAgent: URL Access Agent: access denied to unknown user
  The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
  Thanks
  Neeraj

  Hi Neeraj,
  I still have not been able to resolve that issue. Let me know If you find a solution for the same.
  Thanks,
  Srinivas