udaynj <[EMAIL PROTECTED]> queried the List: >Hi, We are using the ACE SecurID product from RSA Security to access our site. I >looked at the FAQs but could not find any answers to my question, which is >below: > >The default web page for securId asks you for a login id, when you submit the >form, it takes you to a page where you type in a PIN number. > >I would like to replace all this with one page where I can type in the SecurID >id, pin and also my application password. In addition, I would like to >incorporate my own graphics and web page design into this page. > >I have looked at the manuals, etc but can't find an answer. > >Any pointers would be highly appreciated. Hi Udaynj: This capability is a standard feature of RSA's Web Agents. The most recent documentation for the NT Agent (v 4.4) describes in detail how the login page can be customized. I do not believe the other Web Agent manuals (Netscape/iPlanet and Domino) have been updated with this information yet, and I don't see it yet available on the RSA website. Customizing the authenticating webpage is really easy. It is also increasingly common today. The relevant webpages are located in <root>/<opsys>/System32/ACECLNT. The front page for the SecurID authentication is called passcode.htm. As long as the on-site ACE Admin doesn't modify the cgi scripting on the pages, they can do just about anything they want to customize these pages. (There are also cgi scripts available on the ACE/Agent CD which will allow you to pull the userID out of the page to pass it along to NT. This can enable striking levels of personalization, despite the stateless character of the standard web connection.) Below, I append an excerpt from the Admin's Guide for RSA ACE/Agent v 4.4 for Windows NT. Hope this addresses your concern. RSA's Regional SSEs and the RSA Customer Support folk have this stuff down cold if you need any detailed assistance. Surete, _Vin <begin RSA manual quote> Changing the Text in a Web Access Authentication Form Important: Do not alter the position of %s variables. All of the HTML forms (including the New PIN prompts and error pages) can be modified, so long as you do not alter the relative positions of the %s variables in the scripts. If you do, the authentication prompt will not be able to get information from the RSA ACE/Server. To use international characters in the forms, consult an HTML reference book or visit the World Wide Web Consortium's Web site at http://www.w3.org/pub/WWW/International for more information about using international character sets in HTML documents. To change the text in a Web access authentication form: 1. Using a text editor, open one of the HTML forms in the %SYSTEMROOT%\system32\aceclnt directory. 2. Delete the text found between the <TITLE>, <HEAD>, <H1>, or <P> taes, and %nter yoor new hmading oj body tuxt in ils plcced Fo exampl-, the tcg <H1>Wmlcome t% Widget), Inc.<mH1>, when placed in the passcode.htm file, changes the text of the first heading in that page from "RSA SecurID PASSCODE Request" to "Welcome to Widgets, Inc." 3. Save and close the file. The form will display the new greeting to RSA SecurID users. Adding Custom Graphics to a Web Access Authentication Form Important: Do not alter the position of %s variables. All of the HTML templates (including the New PIN prompts and error pages) can be modified, so long as you do not alter the relative positions of the %s variables in the scripts. If you do, the authentication prompt will not be able to get information from the RSA ACE/Server. When adding graphics files to the authentication prompt, make sure that the graphics are not loaded from an RSA SecurID-protected directory. If these files are protected, the browser will not recognize them and will display them as "broken image" icons. To add a custom graphic to a Web access authentication form: 1. Using a text editor, open one of the template files in the %SYSTEMROOT%\system32\aceclnt directory. 2. Decide where you want the image to be placed on the page, then insert an <IMG> tag in the HTML markup pointing to the image file. For example, the line <IMG src="http://server.domain.com/img/logo.gif" ALIGN="left"> places the logo.gif image to the left of the page text. Make certain that the image file you point to in the src path is in an unprotected directory, and that you always specify a fully qualified path to the image file. 3. Save and close the file. 4. Stop and restart the Web server for the changes to take effect. The Web authentication prompt will display the new graphic. Changing the Buttons in a Web Access Authentication Form Important: Do not alter the position of %s variables. All of the HTML templates (including the New PIN prompts and error pages) can be modified, so long as you do not alter the relative positions of the %s variables in the scripts. If you do, the authentication prompt will not be able to get information from the RSA ACE/Server. To change the buttons in a Web access authentication form: 1. Using a text editor, open one of the template files in the %SYSTEMROOT%\system32\aceclnt directory. The source HTML for the authentication page opens. 2. Scroll down to the line that reads <INPUT TYPE=SUBMIT VALUE="Send">. 3. Edit the line so it reads <A HREF="JavaScript:document.forms[0].reset()"><IMG SRC="path to your image" BORDER="0"></A> where path to your image is a fully qualified path to an image file. Note: Do not load the graphics files from a directory that is protected by an RSA ACE/Agent. If the files are protected, the browser will not recognize them and will display them as broken image icons. If you also want to replace the Reset button, replace the line <INPUT TYPE=RESET VALUE="Reset"> with <A HREF="JavaScript:document.forms[0].reset()"><IMG SRC="path to your image" BORDER="0"></A> 4. Save and close the file. 5. Stop and restart the Web server for the changes to take effect. Specifying the Location of Customized HTML Forms The default Web access authentication HTML forms are copied during the Agent installation into the %SYSTEMROOT%\system32\aceclnt directory on the Agent's host machine. These files are used by the Agent by default for every virtual Web server. You can, however, create customized templates for a virtual Web server from those default files. If you decide to use customized templates, you must store them in a different directory, not in the %SYSTEMROOT%\system32\aceclnt directory. Use the following procedure to specify where the Agent can find a virtual Web server's customized HTML forms. To specify the location of a virtual server's customized HTML forms: 1. In the Internet Service Manager (ISM), right-click the virtual server (Web site), and click Properties on the displayed menu. The Properties window for the virtual server opens. 2. In the Properties window, click RSA SecurID to display the Web access authentication properties sheet. 3. In the Templates box of the Advanced Settings group, enter the full path of the directory that stores the customized templates for the virtual server. You can click Browse to search for the correct directory. 4. Click Apply. 5. To test the results, connect to the virtual server as an RSA SecurID user, and attempt to gain access to a protected file or directory on the server. You should see the customized Web access authentication prompt. <end RSA manual quote> - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]