HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

161

162

163

164

165

166

167

168

169

170

154

A set of authentication pages includes six main authentication pages and their page elements.

The six main authentication pages are the logon page, the logon success page, the logon failure page,

the online page, the system busy page, and the logoff success page.

The page elements refer to the files that the authentication pages reference, for example, back.jpg for

page Logon.htm. Each main authentication page can reference multiple page elements. If you define

only some of the main authentication pages, the system uses the default authentication pages for the

undefined ones.

For the local portal server to operate steadily, use the following rules when customizing authentication

pages:

File name rules

The names of the main authentication page files cannot be changed. You can define the names of the

files other than the main authentication page files. File names and directory names are case-insensitive.

Table 42 Main authentication page file names

Main authentication

e File name

Logon page logon.htm

Logon success page logonSuccess.htm

Logon failure page logonFail.htm

Online page

Pushed after the user gets online for online notification

online.htm

System busy page

Pushed when the system is busy or the user is in the logon process

busy.htm

Logoff success page logoffSuccess.htm

Page request rules

The local portal server supports only Get and Post requests.

• Get requests—Used to get the static files in the authentication pages and allow no recursion. For

example, if file Logon.htm includes contents that perform Get action on file ca.htm, file ca.htm

cannot include any reference to file Logon.htm.

• Post requests—Used when users submit username and password pairs, log on the system, and log

off the system.

Post request attribute rules

1. Observe the following requirements when editing a form of an authentication page:

{ An authentication page can have multiple forms, but there must be one and only one form

whose action is logon.cgi. Otherwise, user information cannot be sent to the local portal server.

{ The username attribute is fixed as PtUser. The password attribute is fixed as PtPwd.

{ Attribute PtButton is required to indicate the action that the user requests, either Logon or Logoff.

{ A logon Post request must contain PtUser, PtPwd, and PtButton attributes.

{ A logoff Post request must contain the PtButton attribute.

2. Authentication pages logon.htm and logonFail.htm must contain the logon Post request.

The following example shows part of the script in page logon.htm.