SSL-VPN portal: username as variable

Report Inappropriate Content · ‎11-18-2009

Hi, (hope this is the right forum?) - I am longing for a new feature in the SSL-VPN portal that would help me a lot: It would be very useful if the user name (i.e. the login name the user supplied in the web-ssl login dialog) would be accessible as a variable in the portal, so that I can use it in the bookmarks. Why?: 1.) I could create one bookmark for *all* my users like: cifs://server/userhomes/%login%/myDocuments (where the fortigate would replace %login% by the user name) This would save me from creating bookmarks for each user. Further, it would be even more power, if something like this would be possible: 2.) Specify a username as part of cifs bookmarks (like it is possible with http): %login%@cifs://server/userhomes/%login%/myDocuments (where the fortigate would pre-fill the SMB login field with the user name) This would save my users from entering their name each time when accessing an SMB share. Probably this could be extended for storing a password into the URL as well (at for personal bookmarks, for security reasons). Am I the only one longing for that? :-) Kind regards Philipp

Carsten_Buchenau · ‎11-26-2009

v4-MR1-Patch1 supports Web-SSO, which is probably what you are looking at... check the online help!

Carsten Buchenau EDIFICE COMMUNICATIONS SA Lausanne, Switzerland

Report Inappropriate Content · ‎11-26-2009

Hi Carsten, thank you very much (obviously its a good idea to read the manual from time to time ;-) Thats exactly what I need, but unfortunately it only works for http/https bookmarks - I really long for SSO for SMB (cifs) bookmarks...! Regards, Philipp

damiri · ‎11-27-2009

We also need it for XenApp before but I think it is now possible to do it over https ? Anybody have tried this already.

Report Inappropriate Content · ‎11-29-2009

I tried it with http (login to KERIO mailserver), but it did not work in this case. Fortigate tries to fill the form via some very smart javascript in the browser. This is a generic approach, but probably not ideal for forms containing javascript themselves, I assume. My own approach was to write a small php script that submits http GET variables via POST, so that I could put the credentials in the URL string (as a dirty workaround). Sadly, the problem here is that the fortigate currently seems to dislike bookmarks containing get-variables such as http://server/postget.php?username=xxx. Edit: I filed a bug report at Fortinet, they are working on it. Though, my workaround should not be used for variables containing actual passwords, because despite the tunnel, in the URL all GET variables go over the net unecrypted, methinks!! /Edit. The SSO feature is brand new, so I am sure we can expect improvements here. Still, I am more curious about SSO for CIFS. (I do have a nasty workaround for http, for few users...)

Report Inappropriate Content · ‎12-12-2009

Hello! Also need a username as a variable for the SMB/CIFS. Now me need create a bookmark in my bookmarks for each user. Exp, for username1 - " //server/username1/" . Where storage this is " my bookmarks" of remote users? (not the bookmarks, which are designed for groups) How to get access to them for quick input all of " my bookmarks" for each user? thx UPD. About " My bookmarks" written in FortiOS Carrier CLI - ssl web favorite and KB:" Maximum values for SSL VPN bookmarks"