Assigning a Form Fill Policy to a Protected Resource

Some client requests cause the web server to return a form. Sometimes this form contains a request to log in. If you create a Form Fill policy, you can have Access Gateway fill in the form. When a user first logs in, Access Gateway prepopulates some fields and prompts the user for the others. Access Gateway securely saves the information, so that on subsequent logins, Access Gateway can fill in the form. The user is only prompted to fill in the form when something changes, such as a password expiring.

Form Fill uses two components: the HTML form and the Form Fill policy. The HTML form is created with HTML tags and consists of form elements such as fields, menus, check boxes, and buttons. The Form Fill policy is created by specifying the following:

  • Which information is entered automatically and not displayed to the user.

  • Which information is displayed so that the user, at least the first time, can enter the information.

  • What is done with the information (for example, whether it is saved so that the user does not need to enter it when accessing the form again).

You must create the policy before you can assign it to a resource. See Section 6.5, Form Fill Policies. To assign a Form Fill policy to a protected resource:

  1. Click Devices > Access Gateways > Edit > [Reverse Proxy Name] > [Name of Proxy Service] > Protected Resources > [Name of Protected Resource].

  2. Examine the entries in the URL Path List.

    Ideally, the URL to which you are assigning a Form Fill policy should be a single HTML page or a few HTML pages. If possible, it should not be a URL that ends in a wildcard (for example, an asterisk) and therefore matches many pages.

    IMPORTANT: When the URL ends in a wildcard, Access Gateway must search each page that matches the URL and check to see if it contains the form. This adds extra processing overhead for all the pages that match the URL but do not contain the form. For more information about the performance problems this can cause, see Section 6.5, Form Fill Policies.

  3. (Conditional) If the URL is not specific, click the name of the path and modify it.

  4. Click Form Fill.

    The Form Fill Policy List contains all the Form Fill policies that have been created on this Administration Console for the selected policy container.

  5. Select one of the following:

    • To enable an existing policy, select the policy, then click Enable. Only the policies that are enabled are applied to this resource. Continue with Step 7.

    • To disable an existing policy, select the policy, then click Disable. Continue with Step 7.

    • To edit an existing policy, click the name of the policy. Remember that policies can be assigned to multiple protected resources. Modifying a policy also affects how this policy protects those resources. For more information, see Form Fill Policies.

      When you have finished the policy modifications, continue with Step 7.

    • To create a new policy, click Manage Policies. On the Policies page, click New, specify a display name, select Access Gateway: Form Fill as the type, then click OK. For configuration information, see Section 6.5, Form Fill Policies.

      When you have created your new policy, continue with Step 6.

  6. To enable the policy you just created, select the policy, then click Enable.

    Only the policies that are enabled are applied to this resource. If you use the same policy for multiple protected resources, use the policy description field to indicate this.

  7. To save your changes to the browser cache, click OK.

  8. To apply your changes, click the Access Gateways link, then click Update > OK.

IMPORTANT: If you enable a Form Fill policy that contains a field for the user’s password on a protected resource whose contract does not prompt the user for a password, single sign-on cannot be enabled because the password is not available. To enable single sign-on, use an Authentication class that retrieves the user’s password and injects it into the user’s credentials when the user authenticates using a non-password method such as X.509, RADIUS, smart card, or Kerberos. For information about such classes, see Password Retrieval.
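The two conditions this procedure warns about (the wildcard URL path in Step 2 and the password-less contract in the note above) can be checked across many protected resources before policies are enabled. The following is an added example, not Access Manager code: the ProtectedResource record, its field names, and the sample entries are hypothetical and are filled in by hand from the Administration Console.

```python
from dataclasses import dataclass


@dataclass
class ProtectedResource:
    # Hypothetical inventory record, filled in by hand from the
    # Administration Console; not an Access Manager export format.
    name: str
    url_paths: list
    form_fill_enabled: bool = False
    policy_has_password_field: bool = False
    contract_prompts_for_password: bool = True
    contract_retrieves_password: bool = False  # password retrieval class in use


def review(resource):
    """Return (resource, code, detail) findings for one protected resource."""
    if not resource.form_fill_enabled:
        return []
    findings = []
    # Step 2: a path ending in a wildcard makes Access Gateway search every
    # matching page for the form.
    for path in resource.url_paths:
        if path.strip().endswith("*"):
            findings.append((resource.name, "WILDCARD_PATH", path))
    # Closing note: the policy needs a password the contract never collects.
    if (resource.policy_has_password_field
            and not resource.contract_prompts_for_password
            and not resource.contract_retrieves_password):
        findings.append((resource.name, "NO_PASSWORD_FOR_SSO",
                         "contract supplies no password for the form"))
    return findings


def review_all(resources):
    return [f for r in resources for f in review(r)]


# Constructed sample inventory.
SAMPLE = [
    ProtectedResource("hr-login", ["/hr/login.html"], True, True),
    ProtectedResource("portal", ["/portal/*"], True, True),
    ProtectedResource("cert-app", ["/app/signin.jsp"], True, True,
                      contract_prompts_for_password=False),
    ProtectedResource("cert-app-fixed", ["/app2/signin.jsp"], True, True,
                      contract_prompts_for_password=False,
                      contract_retrieves_password=True),
    ProtectedResource("static", ["/public/*"]),
]

if __name__ == "__main__":
    for name, code, detail in review_all(SAMPLE):
        print(f"{name}: {code}: {detail}")
```

A wildcard path on a resource without Form Fill enabled (the "static" entry) is not reported, because the extra page search only applies where a Form Fill policy is enabled.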