Jump to content
Welcome to our new Citrix community!

ADC with Google reCaptcha only

Recommended Posts

we try to implement Google reCaptcha as a single factor on authentication VServer in front of the LB Vserver. ADC is 13.1 17.42

In this article  it says


Based on your use case and different schemas, you can modify the existing schema. For instance if you need only reCaptcha factor (without username or password) or dual authentication with reCaptcha.


We then deleted the lines 11-13 in SingleAuthCaptcha.xml but when clicking on "Logon" an error message appears "Please try again later...".
In ns.log we can find following message:

Failure_reason "Username/Password mismatch" - Browser Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

What do we miss here?



Link to comment
Share on other sites

This solution is not secure!! 
If we enable the login-button by hand via web-developer tools we are able to login without filling the recaptcha!!


Reason: ADC is not able to access www.google.com and therefore is not checking the capture result and bypasses the capture auth.


Solution: Enabling the ADC SNIP to talk to www.google.com via HTTPS. 

Edited by Daniel Krause
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...