• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Discussion about article on changing the FBA page

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> Discussion about article on changing the FBA page Page: [1]
Login
Message << Older Topic   Newer Topic >>
Discussion about article on changing the FBA page - 9.Feb.2005 5:32:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
This thread is for discussing the appearance of the OWA FBA log on page at http://isaserver.org/articles/2004custfba.html

Thanks!
Tom

[ February 09, 2005, 05:42 AM: Message edited by: tshinder ]
Post #: 1
RE: Discussion about article on changing the FBA page - 9.Feb.2005 9:46:00 PM   
jemoore

 

Posts: 2
Joined: 14.Jun.2004
From: Kansas City, MO
Status: offline
Sometimes a service pack will overwrite these customized files with newer versions so be sure you back them up as well.

(in reply to tshinder)
Post #: 2
RE: Discussion about article on changing the FBA page - 9.Feb.2005 9:57:00 PM   
rule14e3

 

Posts: 7
Joined: 28.Aug.2004
From: Virginia
Status: offline
Quick question. I had not thought of apply FBA to other sites, but if I wanted to do that how to I customize for multiple sites? In other words, what if I had a sharepoint site and an OWA site through the same ISA and wanted separate FBA screens. Is that handled in the code or is there a way to use multiple custom pages.

Thanks.

David

(in reply to tshinder)
Post #: 3
RE: Discussion about article on changing the FBA page - 9.Feb.2005 11:46:00 PM   
namkiwi

 

Posts: 3
Joined: 7.Feb.2005
Status: offline
Just a question, on the left of the logon form is a vertical line which joins to logon_IE_top.gif, how do you replace this or modify it? I have looked at all the cell, table, form properties, but can't find it.

Thanks

Frank

(in reply to tshinder)
Post #: 4
RE: Discussion about article on changing the FBA page - 12.Feb.2005 9:16:00 PM   
Guest
I would also like to see how to use the FBA feature of ISA Server 2004 to allow access to sharepoint sites and IIS web sites in general!

any chance we will see an update to that sometime soon?

(in reply to tshinder)
  Post #: 5
RE: Discussion about article on changing the FBA page - 12.Feb.2005 9:33:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hey guys,

Hopefully Ladislav will have some time to update the article. As he said, its not supported, but works in general [Smile]

Thanks!
Tom

(in reply to tshinder)
Post #: 6
RE: Discussion about article on changing the FBA page - 12.Feb.2005 9:40:00 PM   
ronpunyer

 

Posts: 5
Joined: 12.Feb.2005
From: South Africa
Status: offline
I think it works well for companies that are aware of their corporate image even thought itĘs mostly used by staff.

In reply to the appearance discussion is the logon page supposed to read enter and not entry? On that note I was just wondering why contoso.com is redirecting to ms?

Thanks
Ron

(in reply to tshinder)
Post #: 7
RE: Discussion about article on changing the FBA page - 28.Feb.2005 4:11:00 PM   
readie@bedfordschool.org.

 

Posts: 2
Joined: 28.Feb.2005
From: Bedford UK
Status: offline
Like David above, I should like to use this feature for different web-sites behind our ISA server . . or at least one type of form for OWA and a different one for our web site, to start with. Is multiple forms possible?

(Will this get us over the nightmare of Windows logins at the moment, which depends on what OS the client is using out there . . sometimes they need DOMAIN\username, sometimes username@domain, and sometimes they get offered a 'three-box' login which has the domain in line three. If this forms-based login can get us over that, it would be FANTASTIC!)

(in reply to tshinder)
Post #: 8
RE: Discussion about article on changing the FBA page - 1.Mar.2005 1:55:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Bob,

I don't know if it'll be a universal fix, but it's a step in the right direction.

HTH,
Tom

(in reply to tshinder)
Post #: 9
RE: Discussion about article on changing the FBA page - 7.Mar.2005 6:12:00 PM   
b75owens

 

Posts: 17
Joined: 6.Aug.2004
From: Orlando
Status: offline
Hopefully Tom or Ladislav Solc can answer this question. By the way Tom your book rocks. We have used it a lot.

The sitution is that we used Ladislav document as a reference to modify the html code to the FBA log in page. If we add our own images on the ISA server in the directory they do not work. But if we change the logon_MSIERich and point to another webserver for the images the page comes up fine. We want to place the images on the isa server in the cookieauthtemplates directory because we have invested in a load balancing and do not want to reference a webserver our of the ISA environment but for some reason they do not load even after stopping and starting the firewall server or bouncing the box. Would this be a cache issue? If not is there a security function that is keeping the new images from being loaded.

Here is snipet of code that we used in the logon_MSIERichpage to reference the images and stylesheets on another server:

href="https://www.companywebserver.com/owa/stylesheet/text.css" rel="stylesheet" type="text/css">

We would really like to figure out how to get the images to work on the ISA server. Any help would be appreciated.
Below is a link to the owa site we are testing on our lab isa server. These images are pulled from the webserver example above and not on the isa server. Our ADG group has done a great job and we hope we can resolve this issue to get the images properly referenced on the ISA server for redunancy. https://mail.pbsj.net/exchange

Many thanks to whomever can help.

Owen

(in reply to tshinder)
Post #: 10
RE: Discussion about article on changing the FBA page - 18.Apr.2005 1:40:00 AM   
uhhuhyea

 

Posts: 11
Joined: 13.May2004
Status: offline
In Exchange OWA forms, I customized it so that users would not have to enter in the domain\username but rather just username. How can this be done with the ISA 2004 OWA forms? [Confused]

Tom I bought your books Thursday from Amazon, had it Friday and read it Friday,Saturday and Sunday, and implimented ISA 2004 Sunday. Thanks for the effort that went into the book.

[ April 18, 2005, 01:41 AM: Message edited by: uhhuhyea ]

(in reply to tshinder)
Post #: 11
RE: Discussion about article on changing the FBA page - 18.Apr.2005 3:38:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi uhhuhyea,

Thanks for getting the book! [Big Grin]

If you're using basic auth, you *might* be able to use only the user name if you set the default domain name, but I'm not sure about it.

Users *can* use a UPN to log on, such as tshinder@isaserver.org

HTH,
Tom

(in reply to tshinder)
Post #: 12
RE: Discussion about article on changing the FBA page - 18.Apr.2005 6:33:00 PM   
uhhuhyea

 

Posts: 11
Joined: 13.May2004
Status: offline
In the Exchange OWA forms I edited the asp code so when it passed the credentials it would add the domain\ at the front.

[ April 18, 2005, 06:33 PM: Message edited by: uhhuhyea ]

(in reply to tshinder)
Post #: 13
RE: Discussion about article on changing the FBA page - 22.Apr.2005 3:55:00 AM   
uhhuhyea

 

Posts: 11
Joined: 13.May2004
Status: offline
Still looking for a good way to edit the OWA form built in to ISA to allow Domain\ to be added to the user name before submitting like the available edit of the Exchage OWA forms.

(in reply to tshinder)
Post #: 14
RE: Discussion about article on changing the FBA page - 27.Apr.2005 8:09:00 PM   
jeffa

 

Posts: 5
Joined: 1.Feb.2005
Status: offline
Tom,

Do you think there is way for us to get the source code for the OWA FBA filter?

The OWA FBA filter is very close to meeting most users needs for other applications. If only we could tweak the source code a bit.

I've started on writing my own Auth Filter based on the ISA sample, but it's clear this will require a great deal of effort.

Thanks.

(in reply to tshinder)
Post #: 15
RE: Discussion about article on changing the FBA page - 12.May2005 7:51:00 PM   
wendylou

 

Posts: 18
Joined: 6.May2003
From: Minnesota
Status: offline
We have spent a lot of hours and effort developing the form-based login screen, plus our custom functions. We started with ISA 2000 and had two versions. Now we are working on the version 3 on ISA 2004. I can tell you that it's a difficult job. We hired two consultants who have a lot of c/c++ and ISAPI filter experience and we are still struggling with the problems in our version 3.

We have asked Microsoft to help and they said they will include it in their next release (who knows when we will see it!) Meanwhile, we need it now. I agree with jeffa, if OWA FBA code could be released and we could add in our custom code, it would be very helpful.

(in reply to tshinder)
Post #: 16
RE: Discussion about article on changing the FBA page - 12.May2005 11:43:00 PM   
TheCleaner

 

Posts: 74
Joined: 2.Apr.2004
Status: offline
Guys, quick question.

If I want to implement FBA for my OWA page, should I implement it through these means (ISA) or through the articles on msexchange.org implementing it inside the IIS install on the OWA server?

Is there any difference?

(in reply to tshinder)
Post #: 17
RE: Discussion about article on changing the FBA page - 21.Nov.2005 8:14:04 PM   
rubas

 

Posts: 1
Joined: 21.Nov.2005
Status: offline
Changing the ISA OWA pages is one thing but using this to front end access to sharepoint is another issue.  Although the initial authentication through to ISA is successful, whenever Sharepoint prompts for authentication again (i.e. create a new document), ISA returns the OWA forms page in the office application instead of the I.E. browser.  According to PSS, there is no way around this issue since the session is based on cookie authentication.

Has anyone else run into this issue authoring documents?  If so were you able to find a solution?

(in reply to tshinder)
Post #: 18
RE: Discussion about article on changing the FBA page - 15.Feb.2006 6:56:32 PM   
tepperson9

 

Posts: 1
Joined: 15.Feb.2006
Status: offline
Owen.

Did you guys ever figure out how to get your custom images to show if they sit on the ISA server itself?

Thanks.
Tony

(in reply to b75owens)
Post #: 19
RE: Discussion about article on changing the FBA page - 1.Mar.2006 1:31:11 AM   
ferrix

 

Posts: 547
Joined: 16.Mar.2005
Status: offline
You should always pre-authenticate users on the ISA 2004 system before allowing them to servers running services like IIS, Exchange, SPS, etc.  With regards to some of the questions/concerns it sounds like most of the OOB capabilities/limitations have been discussed.  You may also want to consider evaluating a more advanced authentication filter from us at www.collectivesoftware.com (FlexAuth for ISA 2004).  It gives you the ability to customize the FBA page much more so than you can out of the box.  It also provide the ability to deliver FBA to browsers that support it and Basic to those that don't (such as the example of wanting to use FBA but also allow WORD to access documents).  Another great feature when publishing things like SPS is our SSO capabilities that can provide SSO across a single session even if you are browsing between OWA, SPS or other published web sites.  It will not provide SSO into office (you will get a basic prompt in Word for example) because that is a different session and we do not put persistent cookies down because of the security risks involved.

There are a variety of other benefits in FlexAuth such as the options for LDAP for authentication and some protections against DoS attacks for account lockouts.  Check out an eval if it sounds like some of these features might help with any of your problems.

(in reply to rubas)
Post #: 20

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Exchange Publishing >> Discussion about article on changing the FBA page Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts