Forum Discussion

ottleydamian's avatar
ottleydamian
Icon for Cirrus rankCirrus
Feb 21, 2018

APM SSO w/Infoblox Grid Manager

I cannot get my sso credentials to pass to the Infoblox Grid Manager logon page. I'm using a portal access and form based sso.

Configs:

apm sso form-based infoblox.sso {
    form-action /ui/
    form-field " "
    form-password password
    form-username username
    start-uri /ui/
} 

apm resource portal-access infoblox.pa {
    acl-order 6
    application-uri https://*.*.*.*/ui/
    customization-group infoblox.pa_resource_web_app_customization
    items {
        item {
            log packet
            order 1
            paths /*
            port https
            scheme https
            sso infoblox.sso
            subnet *.*.*.*/32
        }
    }
    publish-on-webtop true
    scheme-patching true
}

Things I've verified:

  • The sso.token.last. variables are populated for username and password

  • The input fields are called username and password

  • My Start URI matches: checking start uri match, start uri: '/ui/', request: '/ui/'

Note: There a 3 input fields of type hidden but they have no values:

APM
application delivery
security

4 Replies

Sort By
  • MD_'s avatar
    MD_
    Icon for Nimbostratus rankNimbostratus
    Feb 09, 2019

    Hi, I have the same problem, did you manage to find a solution ?

     

  • ottleydamian's avatar
    ottleydamian
    Icon for Cirrus rankCirrus
    Feb 10, 2019

    No, I never got it to work. I was using it to practice for the APM exam, and after I never tried again. A coworker told me it could be a JavaScript within the Infoblox login page that could be the issue. If you’re successful please tell me.

     

  • MD_'s avatar
    MD_
    Icon for Nimbostratus rankNimbostratus
    Feb 11, 2019

    Maybe the Form Client Initiated SSO ?

     

  • LK's avatar
    LK
    Icon for Nimbostratus rankNimbostratus
    Dec 02, 2019

    Hi all,

     

    same issue here, I've tried differents configurations in client Initiated SSO, still no luck.

     

    Looking at the login page source code, the submit post url is randomly generated, and embedded in a variable in the loginButton parameter

     

    APM uses the action url found in the first line to make the post, with a 302 response, going to a loop.

     

    The actual URL to use for the submit is this one in the exemple below, fo

    followed with a random number

    /XtqVMfGyWubvQytePUAWZLpT6r5I6X56WNo_v2?random=0.2568656566567 

     

    Here is the login form source code

    <form id="loginForm" method="post" action="./Rmpn1IWKMtJy6YpVWA2M6" AUTOCOMPLETE="off"><div style="width:0px;height:0px;position:absolute;left:-100px;top:-100px;overflow:hidden"><input type="hidden" name="loginForm_hf_0" id="loginForm_hf_0" /></div>
	<div class="ib-login-bar">
	<table width="100%">
		<tr>
			
				<td class="ib-login-bar-cell"><label for="username" title="Username">Username</label></td>
				<td class="ib-login-bar-cell">
				  <input name="username" type="text" size="20" onkeyup="resetFeedback(event);" value="" id="username" maxlength="12000"/><script type="text/javascript" language="javascript">document.getElementById("username").focus()</script>
				</td>
				<td class="ib-login-bar-cell"><label for="password" title="Password">Password</label></td>
				<td class="ib-login-bar-cell">
				  <input name="password" type="password" id="password" size="20" onkeyup="resetFeedback(event);" value="" maxlength="12000" AUTOCOMPLETE="off"/>
				</td>
			
			<td class="ib-login-button-cell">                    
				<label class="ib-login-bar-cell"></label>
				<input class="ib-login-button" type="submit" name="loginButton" id="loginButton" title="Login" onclick="this.disabled=true;if (function(){return Wicket.$$(this)&amp;&amp;Wicket.$$(&#039;loginForm&#039;)}.bind(this)()) { Wicket.showIncrementally(&#039;loginButton--ajax-indicator&#039;);}var wcall=wicketSubmitFormById(&#039;loginForm&#039;, &#039;./XtqVMfGyWubvQytePUAWZLpT6r5I6X56WNo_v2#039;, &#039;loginButton&#039; ,function() { this.disabled=false;;Wicket.hideIncrementally(&#039;loginButton--ajax-indicator&#039;);}.bind(this),function() { ;Wicket.hideIncrementally(&#039;loginButton--ajax-indicator&#039;);}.bind(this), function() {if (!function() {return Wicket.$$(this)&amp;&amp;Wicket.$$(&#039;loginForm&#039;)}.bind(this)()) {Wicket.hideIncrementally(&#039;loginButton--ajax-indicator&#039;);}return Wicket.$$(this)&amp;&amp;Wicket.$$(&#039;loginForm&#039;)}.bind(this));;; return false;" value="Login"></input><span style="display:none;" class="wicket-ajax-indicator" id="loginButton--ajax-indicator"><img src="./SzFQyPzbK-3ObKU3CLWYziyVLDWvrqp5jJWty8w8ZahJ5UI" alt=""/></span>
			</td>
		</tr>
	</table>
	 </div>      
	 <input type="hidden" id="timezone" value="" name="timezone"/>        
	 <input type="hidden" id="contextId" value="" name="contextId"/> 	
</form>

     Thanks for your help