I'm having some trouble using the automatic web login, I was able to configure it using the learning mode. Sometimes it works and injects the website credentials correctly and sometimes the browser gets stucked on the login page of the website and gives the error "Auto login timeout expired, possibly due to wrong credentials." Looks like it fails to inject the credentials on the login page, I have verified the credentials and they are correct.
I have tested it with session recording enabled and disabled and get same results.
I have configured the TCP Service like this:
- Application Protocol: Web Portal
- Auto Login Method: CA PAM HTML Web SSO
- Browser Type: CA PAM Browser
- Route Through CA PAM: yes (checked)
- Access List: *
Any thoughts about what could be causing this issue?
Original Message:
Sent: 04-01-2020 08:42 AM
From: Pedro Fernandez
Subject: Website activity monitoring
Great! Didn't know web sessions could be recorded. That's what I needed.
Original Message:
Sent: 03-31-2020 08:34 PM
From: joseph lutz
Subject: Website activity monitoring
Pedro
Have you tried setting recording on the policy. You can record "web sessions" in a similar manner we record things like RDP. Configuring Transparent login just to do the same may be over doing this.
Additionally you may have to select "CA PAM Browser" to use our built in browser but you can use the same auto login method you selected in IE
Joe
Original Message:
Sent: 03-31-2020 04:46 PM
From: Pedro Fernandez
Subject: Website activity monitoring
Hi All,
Need your help on some PAM setup. We have a requirement to record all activity some users perform on a website.
Already tried with an HTML Web SSO TCP/UPD service and was able to authenticate into the application, but it doesn't record user activity.
As an alternative I am trying now to setup a Transparent Login to a Windows Terminal server to open a web browser, have PAM inject the website credentials and record the entire session.
I am following this guide: https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-2-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/setting-up-transparent-login/set-up-transparent-login-for-rdp-servers.html
I was able to connect to the target server, open the Learn Tool but I am having a hard time to create the transparent login configuration file. If anyone can provide an transparent login configuration file to interact with Internet Explorer I would appreciate that.
Thank you,