Layer 7 Privileged Access Management

Expand all | Collapse all

Transparent login to Web portal using jumphost

Jump to Best Answer
  • 1.  Transparent login to Web portal using jumphost

    Posted 6 days ago
    Hi,

    For one Web portal, user authentication prompt is popping up like dialogue box.  So using Web SSO HTML learning mode cannot mark the appropriate field for auto-login. CA Support confirmed that it cannot be done using PAM so suggested us to use jumphost for transparent login. Can anyone help how to configure transparent login so that users can do auto-login using jumphost ?

    Thanks,


  • 2.  RE: Transparent login to Web portal using jumphost

    Posted 5 days ago

    Hi,

    Is it a public web site, so I can take a look?

    Usually web pages login page does post some login form, and that is the part the this kind of login forms can be automated.
    In some cases the form gets a nonce token, that makes it more difficult, but in general using some scripting language (like js) this can be automated.

    Then there are web and visual automation tools, like the ones PAM supplies for Transparent Login (to be carried from the jump host), that can be used to simulate the human action introducing credentials, RPA technologies are leveraging that currently very successfully. You can choose your own automation tool if PAM supplied tool does not fulfil your needs, some name drops like AutoHotKey, Greasemonkey and other alike specialised on web automation.

    The PAM supplied tool for the Jump Box, is started from the PAM UI, right selecting "learn mode", from a superuser on the access page on a Windows Machine (this is the jump box you need to prepare following up  PAM manual instructions to set up a specific app to be launched as a Terminal Server). Then you will get some graphical tools to prepare your login script: launch the app (in your case a web browser), click buttons, type username and password, click other buttons, wait, etc.  This is stored as a script you can even edit manually.  This way you will leverage a web browser in the Windows Terminal Server that is more stable and less subject to small changes that can distort the login script intent.

    I know it is more work than the "web learn mode", but Jump Box "learn mode" is also powerful, and otherwise you still have options.

    regards,




  • 3.  RE: Transparent login to Web portal using jumphost

    Posted 5 days ago
      |   view attached
    Hello Eduard,

    Thanks for your response. Actually it is a Blue Coat proxy web GUI. Herewith i attached the screenshot of the login page.

    Thanks,
    Vijay


  • 4.  RE: Transparent login to Web portal using jumphost
    Best Answer

    Posted 5 days ago
    Some web pages will not allow you to specify the fields and submit button.  You can determine this with the Learn Tool.  The Control Viewer has several functions.  One of which is to identify the correct Window Title.  Sometimes, it will be different that what you see on the web page.  With Control Viewer open drag the Browse Tool to the window for the Web page you're trying to use, specifically to the username field, the password field or the submit button.  If the web page allows the fields and button to be accessed separately you will see a red border around each after the Browse Tool is dragged to it.  If not, you will see the red border around the whole page.  If this is the case you will have to use mouse clicks and/or text input tools.

    ------------------------------
    Principal Support Engineer
    Broadcom
    ------------------------------



  • 5.  RE: Transparent login to Web portal using jumphost

    Posted 5 days ago
    Here is a link to a Tech Tip I wrote some time back:  https://community.broadcom.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=bf81ba77-ca87-41a9-89e1-8831c8de92a9&forceDialog=0.  It explains the basics of getting Windows Transparent Login working.

    ------------------------------
    Principal Support Engineer
    Broadcom
    ------------------------------