cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
554
Views
10
Helpful
9
Replies
Beginner

ISE 1.4 Guest Portal Customisation - Prevent users from saving passwords in browser

HI All,

I am deploying ISE 1.4 for a customer, doing central web authentication for a guest wireless network. Guest access is working fine, however the customer has asked me to prevent users from saving usernames and passwords in the browser.

I can't see anywhere to prevent this throught the ISE GUI which leads me to think that we will need to modify the portal HTML.

For ISE 1.2, Cisco provide documentation and code to do this at the following URL:

http://www.cisco.com/c/dam/en/us/td/docs/security/ise/how_to/HowTo-42-Customize_ISE12_Web_Portals.pdf 

These instructions don't work for ISE 1.4 as the Guest Access menus have all changed. In particular, the only advanced customisation that seems to be available is to download a CSS file from the ISE customise it and the upload it to the ISE.

From my limited HTML knowledge, customising the CSS file only allows me to change the look of the portal, not the functionality.

Does anyone know if it's possible to cut custom HTML and install it on ISE 1.4? Looking through the release notes, this was removed in ISE 1.3 when they redid the Guest portal menuss.

Thanks

James

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

<script>

<script>
(function(){
   jQuery("input[name='user.password']").attr('type', 'text');
})();
</script>

View solution in original post

9 REPLIES 9
Cisco Employee

I did a quick research and it

I did a quick research and it seems like even with regular HTML with javascript there's no easy way to prevent browsers from offering to save the password. Check out this discussion:

http://stackoverflow.com/questions/23177225/how-do-i-disable-the-save-password-bubble-in-chrome-using-javascript

It does mention a workaround which is to use regular text type for the password field, and then use a css to mask it, but I don't see a way to modify that part of the portal HTML.

Beginner

Thanks for that, some more

Thanks for that, some more research shows that all mainstream browsers now ignore the autocomplete=off HTML tag which prevents local password save. The Guest Portal HTML contains this tag, but is now has no effect.

The links you provided show some workarounds, but these require modification to the Guest Portal HTML which doesn't seem to be possible in ISE 1.4

I've now opened a TAC case to see what's possible and will post the outcome here.

Cisco Employee

How about this? This would be

How about this? This would be put on the login page under Optional Content 2

See info on how to put javascript on the page in our design guide site

Guest and Web Authentication 
ISE Web Portal Customization Options (PDF - 2 MB)  
<div class="cisco-ise-optional-content-2" id="ui_login_optional_content_2">
        <script>
(function(){
   jQuery(document).ready(function() {
   jQuery("[name='user.password']").removeAttr("autocomplete");
   jQuery("[name='user.username']").removeAttr("autocomplete");

   });
})();
</script>
Beginner

HI Jason,

HI Jason,

Thanks for that. I tried adding the script into the Optional Content 2 field, but it doesn't seem to have done anything. I've attached the html code I get when I go to the portal test URL. I've only tested with Firefox, but it is definitely still prompting me to save the password.

Lookign at the portal builder it has an option to enable and disable password caching. Could this be the answer I am lookign for? I haven't been able to test this as the portal upload tool isn't working properly for me.

Cheers

James

Cisco Employee

No the portal builder option

No the portal builder option is something different. Its not recommend to use the portal builder for anything besides major layout changes where needed

did you make sure you followed the instructions in the how-to guide for working with JavaScript? Specifically on how to set ISE to allow the use of it?

Beginner

Hi Jason,

Hi Jason,

I enabled HTML and JavaScript portal customisation as per your document, which is working, and I can do the example exercise 1 from the document, which works fine.

If I past the script you supplied in, it seems to have no effect, and Firefox still prompts me to save the password.

One option that was put to me was to change the type of the password field to text which would stop browsers from prompting to save the password. The downside of this is that the password would be visibile while typing it it, but this is something that the customer would be OK with. Is it possible to do something like this using JavaScript?

Cheers

James

Cisco Employee

<script>

<script>
(function(){
   jQuery("input[name='user.password']").attr('type', 'text');
})();
</script>

View solution in original post

Beginner

Hi Jason,

Hi Jason,


Thanks for that, it worked perfectly.

Cheers

James

Highlighted
Cisco Employee

It looks like not all

It looks like not all browsers get this autocomplete=“off” thing.
The easiest way to do that is to change input type from password to text. See my other suggestions