Posted in : NetScaler

3 years ago

There seems to be an issue with the idle timeout in RfWebUI (verified in NetScaler version 12.0) and I’ve created a workaround until it is solved.
It is all based on a JavaScript that checks if the user is logged on, if logged on it starts a timer and when the timer is reached logs the user out.

<script type="text/javascript" language="javascript">
    var timeout = 300; //Timeout in seconds
    timeout = timeout * 1000;
    var timer;
    var waitForCookie = function () {
        if (CTXS.getCookie("NSC_AAAC") != null) {
            var t;
            document.onload = resetTimer;
            document.onmousemove = resetTimer;
            document.onmousedown = resetTimer;
            document.ontouchstart = resetTimer;
            document.onclick = resetTimer;
            document.onscroll = resetTimer;
            document.onkeypress = resetTimer;
            function logout() {
                //console.log("Logout...");
                doGatewayLogoff();
                location.reload();
            }
            function resetTimer() {
                clearTimeout(t);
                t = setTimeout(logout, timeout);
                //console.log("Reset timer...");
            }
            clearInterval(timer);
            resetTimer();
        }
    }
    timer = setInterval(waitForCookie, 5000);
</script>

Change the parameter at the top ”var timeout = xyz” where xyz is the time out in seconds. Because I wasn’t able to only insert this script when the user is logged in (always had to refresh) I chose to create a check that checks every five seconds for the cookie NSC_AAAC which is created upon logon and removed during logout. In this case, we reset the timer if the mouse is moved, a page is loaded or a key is pressed. This can be changed based on your requirements (for example removing document.onclick = resetTimer; if you don’t want a click to reset the idle timer).
When using it in Netscaler, add it like this:

add rewrite action RWA-RES-IDLE_TIMEOUT replace_all "HTTP.RES.BODY(96190).SET_TEXT_MODE(IGNORECASE)" "\"\\r\\n\"+\n\"<script type=\\\"text/javascript\\\" language=\\\"javascript\\\">\\r\\n\"+\n\"    var timeout = 300; //Timeout in seconds\\r\\n\"+\n\"    timeout = timeout * 1000;\\r\\n\"+\n\"    var timer;\\r\\n\"+\n\"    var waitForCookie = function () {\\r\\n\"+\n\"        if (CTXS.getCookie(\\\"NSC_AAAC\\\") != null) {\\r\\n\"+\n\"            var t;\\r\\n\"+\n\"            document.onload = resetTimer;\\r\\n\"+\n\"            document.onmousemove = resetTimer;\\r\\n\"+\n\"            document.onmousedown = resetTimer;\\r\\n\"+\n\"            document.ontouchstart = resetTimer;\\r\\n\"+\n\"            document.onclick = resetTimer;\\r\\n\"+\n\"            document.onscroll = resetTimer;\\r\\n\"+\n\"            document.onkeypress = resetTimer;\\r\\n\"+\n\"\\r\\n\"+\n\"            function logout() {\\r\\n\"+\n\"                //console.log(\\\"Logout...\\\");\\r\\n\"+\n\"                doGatewayLogoff();\\r\\n\"+\n\"                location.reload();\\r\\n\"+\n\"            }\\r\\n\"+\n\"\\r\\n\"+\n\"            function resetTimer() {\\r\\n\"+\n\"                clearTimeout(t);\\r\\n\"+\n\"                t = setTimeout(logout, timeout);\\r\\n\"+\n\"                //console.log(\\\"Reset timer...\\\");\\r\\n\"+\n\"            }\\r\\n\"+\n\"            clearInterval(timer);\\r\\n\"+\n\"            resetTimer();\\r\\n\"+\n\"        }\\r\\n\"+\n\"    }\\r\\n\"+\n\"    timer = setInterval(waitForCookie, 5000);\\r\\n\"+\n\"</script>\\r\\n\"+\n\"\\r\\n\"+\n\"</body>\\r\\n\"+\n\"</html>\\r\\n\"" -search "text(\"</body>\n</html>\")"
add rewrite policy RWP-RES-IDLE_TIMEOUT "HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).EQ(\"/logon/LogonPoint/index.html\")" RWA-RES-IDLE_TIMEOUT
bind vpn vserver <NSGW VSERVER> -policy RWP-RES-IDLE_TIMEOUT -priority 90 -gotoPriorityExpression NEXT -type RESPONSE

If you are using the NetScaler Web UI to create the rewrite, the action expression will look like this:

"\r\n"+
"<script type=\"text/javascript\" language=\"javascript\">\r\n"+
"    var timeout = 300; //Timeout in seconds\r\n"+
"    timeout = timeout * 1000;\r\n"+
"    var timer;\r\n"+
"    var waitForCookie = function () {\r\n"+
"        if (CTXS.getCookie(\"NSC_AAAC\") != null) {\r\n"+
"            var t;\r\n"+
"            document.onload = resetTimer;\r\n"+
"            document.onmousemove = resetTimer;\r\n"+
"            document.onmousedown = resetTimer;\r\n"+
"            document.ontouchstart = resetTimer;\r\n"+
"            document.onclick = resetTimer;\r\n"+
"            document.onscroll = resetTimer;\r\n"+
"            document.onkeypress = resetTimer;\r\n"+
"\r\n"+
"            function logout() {\r\n"+
"                //console.log(\"Logout...\");\r\n"+
"                doGatewayLogoff();\r\n"+
"                location.reload();\r\n"+
"            }\r\n"+
"\r\n"+
"            function resetTimer() {\r\n"+
"                clearTimeout(t);\r\n"+
"                t = setTimeout(logout, timeout);\r\n"+
"                //console.log(\"Reset timer...\");\r\n"+
"            }\r\n"+
"            clearInterval(timer);\r\n"+
"            resetTimer();\r\n"+
"        }\r\n"+
"    }\r\n"+
"    timer = setInterval(waitForCookie, 5000);\r\n"+
"</script>\r\n"+
"\r\n"+
"</body>\r\n"+
"</html>\r\n"

 

Tags : NetScaler, NetScaler Gateway, rewrite, RfWebUI

Comments

Sam J says

Very nice!

Simon Gottschlag says

Thank you Sam! Wouldn't have any idea what to do with javascripts without you. :)

Matt says

What version of the RfWebUI and what is the symptoms the users sees?

Simon Gottschlag says

Hi Matt! We've seen this in the latest NetScaler version 12 build, but I think it is specific for when you are using Unified Gateway (compared to using the StoreFront UI).

Les K says

Great article, is there a way to a countdown timer with a pop up box?

Add comment

Your comment will be revised by the site if needed.