cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Maxlength attribute in the passwd field of a GlobalProtect Loginpage

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎01-19-2015 11:59 AM
‎01-19-2015 11:59 AM

Maxlength attribute in the passwd field of a GlobalProtect Loginpage

Hello

As Two-Factor Authentication solution we are using yubico yubikeys (https://www.yubico.com/products/yubikey-hardware/yubikey-2/). These usb-devices generate a token which is 45 characters long. Unfortunately the global protect loginpage limits the maxlength of the password field to 40 characters. As I found out is that this input limitation is only in the html of the GP loginpage. Because if I remove the maxlength attribute, the login works with the yubikey as second factor.

What I tried as a workaround is the following short script in a custom GP loginpage:

<script type="text/javascript">

function setmaxlength () {

  document.getElementsByName("passwd")[0].maxLength = "50";

}

</script>

This script I loaded with additional onload attribute in the BODY tag.

With this script the maxlength will be set to 50 characters but unfortunately then the login does not work because my short javascript seems to break the PaloAlto Javascript which will be added at the beginning of every custom global protect loginpage and so the password field for the second-factor-passwort will never show up.

Does anyone has an idea how to increase this maxlength attribute in the passwd field for the second-factor-password?

Regards,

Remo

0 Likes
Reply

Accepted Solutions
bat
L5 Sessionator
‎01-20-2015 02:18 PM
‎01-20-2015 02:18 PM

AXI_IIEN_Remo

Just tested this and it worked fine (with local authentication). Add this in the <head> section of the page:

We will be using Jquery to remove the attribute:

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.js"></script>

<script type="text/javascript">

  $(document).ready(function() {

  $('input[name=passwd]').removeAttr( "maxlength" );

  });

</script>

Hope this helps !

View solution in original post

0 Likes
Reply

All Replies
bat
L5 Sessionator
‎01-19-2015 12:58 PM
‎01-19-2015 12:58 PM

Hi AXI_IIEN_Remo

How did you remove the maxlength attribute ? If that works then we can try to remove the attribute using javascript.

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎01-19-2015 01:42 PM
‎01-19-2015 01:42 PM

Hi bat

In Firefox I have an addon called "Web Developper 1.2.5". There I have the option to change html-forms of websites I opened and for example remote maxlength attributes.

As I wrote I tried something with Javascript, but my skilles there are not very good, so at the moment my 2 lines of script break the default javascript which is required by paloalto.

0 Likes
Reply
bat
L5 Sessionator
‎01-19-2015 02:18 PM
‎01-19-2015 02:18 PM

AXI_IIEN_Remo

Could you provide the URL to your global portal page I will try it on my PC

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎01-19-2015 02:32 PM
‎01-19-2015 02:32 PM

Hi bat

My global protect loginpage is the paloalto default at the moment.

But there you could see the issue

0 Likes
Reply
bat
L5 Sessionator
‎01-19-2015 02:32 PM
‎01-19-2015 02:32 PM

Could you try this in the javascript:

document.getElementsByTagName("passwd")[0].removeAttribute("maxLength");

Let me know how it goes.

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎01-19-2015 02:56 PM
‎01-19-2015 02:56 PM

Do you mean to load this by <BODY onload="FUNCTIONNAME()> or in another way?

0 Likes
Reply
bat
L5 Sessionator
‎01-19-2015 02:57 PM
‎01-19-2015 02:57 PM

Yeah I meant that way.

0 Likes
Reply
vsys_remo
Cyber Elite
Cyber Elite
‎01-19-2015 03:15 PM
‎01-19-2015 03:15 PM

Unfortunately this does not work either. The same issue as with my first try to increase the maxlength value by javascript. This short script gets in conflict with the default script which is inserted by paloalto at the beginning of the website (before the <html> tag).

The loginprocess is the following:

1. username and passwort

2. klick on Login

3. new password-box shows up where I have to fill in the second factor from the yubikey

With yours or mine javascript (loaded with body onload) the first step is successfull but the password field for the second factor will never show up.

0 Likes
Reply
bat
L5 Sessionator
‎01-20-2015 02:18 PM
‎01-20-2015 02:18 PM

AXI_IIEN_Remo

Just tested this and it worked fine (with local authentication). Add this in the <head> section of the page:

We will be using Jquery to remove the attribute:

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.js"></script>

<script type="text/javascript">

  $(document).ready(function() {

  $('input[name=passwd]').removeAttr( "maxlength" );

  });

</script>

Hope this helps !

View solution in original post

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks