The Inject JavaScript policy adds the configured JavaScript to a protected resource page, when used in the interactive mode. You can create a standalone Inject JavaScript policy. You can also use this policy with the Form Fill policy. When you use the Form Fill policy with this one, configure the actions in the following sequence:
Form Login Failure policy
Form Fill policy
Inject JavaScript policy
When the Inject JavaScript policy is configured along with the Form Fill policy, ensure that Auto Submit is not enabled for the Form Fill policy. In the Configure Javascripts section, select the option where you want to insert JavaScript in the HTML page. The following are examples based on the option you have selected.
In the head block
Selecting this option inserts the following JavaScript in the header:
<html> <head> <script language="JavaScript"> alert("Head"); </script>
At the beginning of the body block
Selecting this option inserts the following JavaScript just after the <body> tag.
<title> Test Java Script</title> </head> <body> <script language="JavaScript"> alert("Begin Body"); </script>
At the end of the body block
Selecting this option inserts the following JavaScript just before the </body> tag.
BODY starts. <br> Inject Java Script. <br> BODY ends. <br> <script language="JavaScript"> alert("End Body"); </script> </body> </html>
To create an Inject JavaScript policy:
Click Policies > Policies.
Select the policy container, then click New.
Specify a name for the policy, select Access Gateway: Form Fill as its Type, then click OK.
In the Actions section, click New > Inject JavaScript.
In the Form Selection section, select the criteria. If you are creating a standalone Inject JavaScript policy, specify the criteria. For more information, see Using CGI Matching Criteria and Using Page Matching Criteria. When you use the Inject JavaScript policy with the Form Fill policy, it uses the same criteria as that of the Form Fill policy.
NOTE:If you do not specify a criteria in the Form Selection section, the Inject JavaScript policy is applied to all protected resource pages.
Click OK > Apply Changes.
Continue with Assigning a Form Fill Policy to a Protected Resource.
The script in this example assumes that the contract timeout is five minutes. After four minutes, the user gets a popup message (timeout.html) with an option to refresh the page. If the user clicks on the option, the session is extended. If the user closes the popup or does not respond to the message, the system executes AGLogout and the session gets terminated.
Perform the following steps:
Configure a Form Fill policy to insert Java Script into the head block of an HTML page.
Go to Policies > New.
Specify a name for the policy and select the type as Access Gateway: Form Fill.
In the Actions section, click New and then select Inject JavaScript.
Define a CGI matching Criteria or Page Matching Criteria.
Under the Configure Javascript section, select In Head Block.
Click Configure JavaScript and copy the following script:
<script language="JavaScript"> var x; var timerID ; function timeoutClock() { if(x==60) // 60 seconds is the session time left when the session expire warning message appears. { newwindow = window.open('timeout.html','toWindow','toolbar=no,menubar=no,resizable=no,scrollbars=no,status=no,location=no,width=300,height=200'); } if(x==0) { window.location.href = 'https://www.ag1.com:443/AGLogout' // AGLogout link. } x=x-1; var t=setTimeout(function() {timeoutClock()} ,1000); } function resetClock() { clearTimeout(timerID); x = 300; //5 Minutes. This is the contact timeout defined. timeoutClock(); } </script>
In this script, set the value of x inside the function resetClock() according to the contract time out. In the example, x is set 300 that is equivalent to five minutes. Also, modify the following link in the script based on your configuration. This is a simple AGLogout link.
window.location.href = 'https://www.ag1.com:443/AGLogout'
Click OK > Apply Changes.
Assign the policy to a protected resource.
For more information, see Assigning a Form Fill Policy to a Protected Resource.
Ensure to call the resetClock() function in the body tag of the HTML page (<body onload=resetClock();>). This initializes the counter to 300 every time the page is loaded.
Create a timeout.html page, which contains warning message for the user that the session is going to end soon. The content of timeout.html can be as follows:
<script type="text/javascript"> var howLong = 60000; function closeMe() { var t = setTimeout(function() {self.close()},howLong); } function closeCurrentWindow() { window.close(); } </script> Click <a href="javascript:window.opener.location.href = window.opener.location.href;window.close()";>[here]</a>to refresh now. <br>Else you will be logged out in 60 seconds <body onload=closeMe(); Timeout </body>