AAA form fill not working with Secure Web and CSRF token

One of the best things about XenMobile and Secure Web is the SSO integration with NetScaler. It usually “just works”, but this time I actually ran into an issue that was kind of interesting.

AAA form fill SSO using a web browser and AAA traffic policies worked without a problem, but when using the VPN traffic policies for Secure Web – the form fill only worked after manually refreshing the page.

After doing some initial troubleshooting and realizing it may be something deeper than just a misconfigured SSO, I decided to do a workaround – which actually works quite well until the problem is solved.

For those interested, it does seem like the NetScaler finds the CSRF token and inserts it – just that it doesn’t work the first time:

My solution was inserting JavaScript into the page and forcing Secure Web to refresh once – which magically gets the form fill to work:
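One way to write such a refresh-once script, as an added example that is not the author's original script: it stores a per-path flag in `sessionStorage` so the reload happens a single time, and it refuses to reload if the flag cannot be saved, which would otherwise cause an endless refresh loop. The key name `ssoFormFillReloaded` and the availability of `sessionStorage` in Secure Web are assumptions.

```javascript
// Added example: force exactly one page reload per browser session.
// STORAGE_KEY is a hypothetical name chosen for this example.
const STORAGE_KEY = "ssoFormFillReloaded";

function reloadOnce(win) {
  try {
    const storage = win.sessionStorage;
    // Scope the flag to the path so other pages still get their one refresh.
    const key = STORAGE_KEY + ":" + win.location.pathname;
    if (storage.getItem(key) === "1") {
      return "already-reloaded";
    }
    storage.setItem(key, "1");
    // Confirm the flag persisted; without it the page would reload forever.
    if (storage.getItem(key) !== "1") {
      return "skipped-no-storage";
    }
  } catch (err) {
    // sessionStorage can throw when disabled or full: do not reload at all.
    return "skipped-no-storage";
  }
  win.location.reload();
  return "reloaded";
}

// Run in a browser only; in other runtimes the function is just defined.
if (typeof window !== "undefined") {
  reloadOnce(window);
}
```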

 

Disclaimer: All information on this blog is offered "as is" with no warranty. It is strongly recommended that you verify all information and validate all scripts in isolated test environments before using them in production environments.