Version Affected: 22.12 Hotfix 3+
Description:
When hitting a realm which includes the username in the query string, SecureAuth will auto-populate said username in the username field of the login page.
Cause:
This was an added feature in 22.12 Hotfix 3 and newer versions, but some customers would rather this not occur on their realms for different reasons.
Resolution:
In order to stop this feature, an admin will have to create an IIS rewrite rule to wipe out the Username= portion of the URL. Here are the steps to configure the IIS Rewrite Rule properly:
Open Internet Information Services (IIS) Manager Browse to: |
|
In the right pane, double click on Rewrite |
|
In the Actions pane, click on 'Add Rule(s)...' |
|
Select 'Blank rule' and click OK |
|
Give the rule a Name |
|
In the 'Match URL' section Set 'Requested URL' to 'Matches the Pattern' Set 'Using' to 'Regular Expressions' Set 'Pattern' to: |
|
In the 'Conditions' section, click 'Add' |
|
Set the 'Condition input' to '{QUERY_STRING}' Select 'Matches the pattern' Set 'Pattern' to: |
|
In the 'Action' section Set 'Action type' to 'Rewrite' Set the 'Rewrite URL' to {R:0}?{C:1}{C:3} Uncheck the 'Append query string' |
|
In the 'Actions' page, click on 'Apply' |
|
Special Considerations (optional as needed):
Setting this at the Default Website will roll the change to all sub-Applications. If the above is only required for certain realms, add the above to each realm which requires the username to be removed from the URL.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
If you only want to stop email addresses from showing up on the login screen and strictly use the username, I used a pattern like this;
(.*)(%40EMAILURL.COM{1,})(.*)
Where EMAILURL.COM is your email domain name.
The result on my system is that it leaves the username intact.
Please sign in to leave a comment.