If you are using a two factor authentication you will have to alter the passwords field name as you normally will not be satisfied with the naming password 1 and 2. There are several articles out there on how to succeed with editing the web pages itself or corresponding js files. This is much of an effort for just changing two field names with either copying files every restart of your NetScaler appliance or creating a custom theme.

This being said I will provide you with two articles on how to do it with some rewrite actions. I recommend you those two articles, one by Citrix and one by Stuart Carroll who edited the second factor rewrite action just a tiny bit so it will fit the 10.x versions of the NetScaler firmware too.



Following those articles you are able to alter the field names dynamically and end up with a customized wording in one language. This was not enough for me so I just altered and multiplied the needed policies and actions so I could analyze the browsers language and thus present the user with a wording in his own or closest language.

I will only show you an example on how to proceed. You may have to edit the shown commands to suit your needs. In addition I because of simplicity reasons I will cover only one password field.

For example if you want to check wether a browser is trying to access the login.js and the browsers language is german just add an expression which checks the http headers accept-language.

add rewrite policy hh_ldap_de_rewrite_pol „http.req.url.path.endswith(\“vpn/login.js\“) && http.REQ.HEADER(\“Accept-Language\“).TO_LOWER.STARTSWITH(\“de\“)“ ldap_de_replace_rewrite_action

I did use STARTSWITH and not an exact match as there are often dialects of certain language and am assuming that my needed languages are OK with this inaccuracy. You sure can use EQ to do an exact match.

There is no doubt that you would also create a corresponding rewrite action.

add rewrite action ldap_de_replace_rewrite_action replace_all „http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)“ „\“Kennwort:\’\““ -pattern „\“Password2\““ -bypassSafetyCheck YES -refineSearch q/extend(50,50).REGEX_SELECT(re![ ]*\'[ ]*\+[ ]*_\(\“Password2\“\)[ ]*!)/

Except creating a copy with a speaking name of the rewrite action you just have to edit the translated name for the password field and thats it.

From my point of view english is the last resort. If none of my customized languages fit I will present the user with an english version. To not write several rewrite policies I did create a pattern set for all customized languages except english and checked for that. If none of the languages fit I will call the rewrite action which presents the user the english version.

Creating the pattern set.

add policy patset language_set

Binding the desired accept-language codes to the created pattern set.

bind policy patset language_set de -index 1
bind policy patset language_set es -index 2
bind policy patset language_set fr -index 4
bind policy patset language_set ja -index 3

The slightly different rewrite policy.

add rewrite policy hh_ldap_en_rewrite_pol „http.req.url.path.endswith(\“vpn/login.js\“) &&! http.REQ.HEADER(\“Accept-Language\“).TO_LOWER.STARTSWITH_ANY(\“language_set\“)“ ldap_en_replace_rewrite_action

Now you are able to create several rewrite actions and policies and present your users with their native language. If you want to stick with the manufacturers build in languages just head over to the corresponding XML files which might help you in finding the correct words as long as you do not speak all languages you need yourself.


One Response to How to Use Rewrite to Customize the NetScaler Gateway Logon Page in a Multi language environment

  1. […] logon page, however they also had been of hardly any use to me. In the end I found a page by Stefan Holste. This page was not completely right and outdated, but it helped me doing […]

Schreib einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind markiert *