Customizing the IAG Attachment Wiper component

  • Article

Applies To: Intelligent Application Gateway (IAG)

The Whale Communications Intelligent Application Gateway (IAG) 2007 Attachment Wiper client endpoint component deletes persistent browser data that is downloaded to client endpoint browsers from sites published by IAG. For more information , see About the IAG Attachment Wiper component.

Before activating the Attachment Wiper component for portal and application sessions, there are a number of settings that you can optionally modify, including the following:

  • Specifying how items saved outside the browser cache are cleaned up.

  • Configuring a scheduled cleanup after a preconfigured timeout period.

  • Enabling the Attachment Wiper component on a custom logoff page. The code that triggers the component, to initiate the cleanup of the browser’s cache on the client, is embedded in the logoff message page that is supplied with IAG. If, however, the trunk is configured to use a custom logoff page, you need to add the code in the custom page.

  • Configuring the encrypted pages save setting. Normally, Windows Internet Explorer browsers save encrypted SSL pages to the “temp files” folder. However, end-users can enable the “Do not save encrypted pages to disk” setting in Internet Explorer, located by clicking the Tools menu, clicking Internet Options, and then clicking the Advanced tab. This prevents the browser from saving SSL pages to the default “temp files” folder. In this case, when users download an SSL page, they are prompted to provide an alternative location where it should be saved. In this setup, when a session ends, the Attachment Wiper component clears the “temp files” folder but cannot identify the location to which the encrypted pages are saved. In order to prevent these pages from remaining on the endpoint computer, at the beginning of each session, the Attachment Wiper component automatically disables the “Do not save encrypted pages to disk” setting, if enabled, so that encrypted pages are saved to the “temp files” folder. At the end of the session, after the Attachment Wiper component stops monitoring all open sessions, the “Do not save encrypted pages to disk” setting is reverted to its original status. You can cancel the disabling of the “Do not save encrypted pages to disk” setting.

Cleaning up items saved outside the cache

This procedure describes how to cancel the disabling of the “Do not save encrypted pages to disk” setting on a client endpoint running Internet Explorer.

To configure cleanup of items that are saved outside the cache

  1. Access the following custom folder:

    …\Whale-Com\e-Gap\von\InternalSite\inc\customUpdate

    If this folder does not exist, create it.

  2. Under the CustomUpdate folder, create an inc “hook”, which will be activated before the PostValidate.asp reaches the client side:

    PrePostValidate.inc

    Or,

    PostPostValidate.inc

    Name the file as follows:

    < Trunk_Name ><Secure(0=no/1=yes)>< Hook_Name >

    For example:

    For an HTTPS trunk named “WhalePortal”, to create a “PrePostValidate” hook, create the file:

    WhalePortal1PrePostValidate.inc

    If such a file already exists, use the existing file.

  3. In the file you defined in step 2, add the following lines:

    <%

    SetSessionParam g_cookie,ATTACHMENT_WIPER_CLEAR_HISTORY_PARAM,"< flag >"

    %>

    Where flag may be any combination of the flags in the following table.

    For example:

    In order to clear the browser’s History, Web Address AutoComplete, and IntelliForms, without clearing any of the other items, add the lines:

    <%

    SetSessionParam g_cookie,ATTACHMENT_WIPER_CLEAR_HISTORY_PARAM,"3"

    %>

Flag Description

1

Clear History.

2

Clear Web Address AutoComplete and IntelliForms.

4

Clear Cached Passwords in Forms AutoComplete and Wininet’s cached passwords (replies to application-specific authentication requests).

8

Clear all fields that are saved by Forms AutoComplete, except for Cached Passwords, which are cleared by flag 4.

Note

For the cleanup of the Forms AutoComplete data, it is recommended to use flags 4 and 8 together (12). It is not recommended to use flag 8 on its own.

Configuring a scheduled cleanup

In addition to the automatic cleanup that is triggered at the end of a session or when a user is logged out, you can configure a “scheduled cleanup”, whereby the Attachment Wiper component automatically triggers a cleanup after the timeout period you configure.

You can configure the scheduled cleanup to be triggered by any of the pages that users access while browsing the applications enabled through the trunk. If you configure a cleanup trigger in more than one page, the timeout defined in the page that was last accessed sets the trigger.

For example: if you configure a 900-second timeout in one of your pages, once a user receives the page, the timeout is set to 900 seconds. However, if you also configure a 300-second timeout in another page, once a user accesses it, the timeout is set to 300 seconds, regardless of the time that elapsed since the user accessed the previous page. In this example, 300 seconds after the user accesses the second page, the Attachment Wiper component triggers the cleanup.

Warning

Do not edit the pages that are supplied with IAG. Configure the cleanup in your own pages, such as the application pages.

To configure a scheduled cleanup

  1. In the page from where you wish to trigger the cleanup, add the following line:

    • For Portal trunks:

      <script language="JavaScript" src="https://localhost:6001/

      InternalSite/scripts/CacheClean.js"></script>

    • For Webmail and Basic trunks:

      <script language="JavaScript" src="/InternalSite/scripts/

      CacheClean.js"></script>

  2. Still in the same page, add the following lines:

    <script language="JavaScript">

    var whaleCacheClean;

    GetCacheCleanInstance();

    SetTimeoutForCacheClean( Timeout );

    </script>

    Where Timeout is defined in seconds.

    For example:

    In order to trigger a cleanup 600 seconds after the user accessed the page, enter the line:

    SetTimeoutForCacheClean(600)

    Note

    If you set the timeout to zero, the cleanup is triggered as soon as the user accesses the page.

Enabling the Attachment Wiper on a custom logoff message page

This procedure describes the code you need to embed in the logoff message page used with the trunk if you do not use the default page supplied with IAG. The code triggers the Attachment Wiper component to initiate the cleanup of the browser’s cache.

Tip

You select the logoff message page used with the trunk in the Authentication tab of the trunk properties. For instructions, see Managing client endpoints during an IAG session.

You can find sample code in the logoff message page supplied with IAG:

…\Whale-Com\e-Gap\von\InternalSite\LogoffMsg.asp

To configure a non-default Logoff Message page to trigger the Attachment Wiper

  1. In your Logoff Message page, add the following line:

    <script language="JavaScript" src="scripts/CacheClean.js"></script>

  2. Still in the same page, add the following lines:

    <script language="JavaScript">

    var whaleCacheClean;

    GetCacheCleanInstance();

    ActivateCacheCleanDontSurf()

    </script>

When encrypted pages are saved to a location other than “Temp files”

Cancel the disabling of the “Do not save encrypted pages to disk” setting, as follows:

To cancel the disabling of the “Do not save encrypted pages todisk” setting on the endpoint computer

  1. On the IAG computer, use the Registry Editor to access the following location:

    …\WhaleCom\e-Gap\common\GUI

  2. Create a new DWORD value named Change_NoSSLCache_Setting, and set the value to 0.

  3. Access the Configuration program. Click to activate the configuration, select the option Apply changes made to external configuration settings, and click Activate

    Once the configuration is activated, the Do not save encrypted pages to disk setting is not changed on the endpoint computer.