Compartir a través de

Customizing the ADFS forms based login page

  • Artículo

By default, the ADFS forms based login page supplied by an ADFSProxy server is a best pretty boring and at worst inaccurate.

Out of the box, it looks like this:

Wouldn't it be nice to:

  • Add some pretty logos?

  • Correct that Domain\username example so it show UPN format?

  • Change the instruction text?

  • Give the page a better title than "Sign In"?

  • Remove or change that hostname header above the login box?

  • Add an "Authorized Use" text block at the bottom to keep the lawyers from bugging you?

     

 

Well, if you agree, today is your lucky day!

Please, keep in mind that it is quite possible (likely even) that some of the changes I describe below will be overwritten when you apply any update to ADFS. Make sure you:

  1. Back up your original files, in case you need to revert to the stock config
  2. Have backup copies of your changes, in case they get stomped on by an update.
  3. Understand that you may have to re-do your changes after an update as the underlying files may change.

 

These instructions are applicable to ADFS 2.0 with update rollup 2. I have not tested this with any other past or future version.

Having covered all necessary behinds…on with the show

 

Adding a Logo

  • Logo image file should be 600x100
  • Save image file to c:\inetpub\adfs\ls\logo.jpg (or logo.png)
  • Open c:\inetpub\adfs\ls\web.config in notepad
  • Locate text
    <!--
    <add key="logo" value="logo.jpg" />
    -->
  • Remove the "<!--" and "-->" to uncomment the section. Change filename to match the logo you saved.
  • Save file and close

Change the "Example" Instructions

  • Go to C:\inetpub\adfs\ls\App_GlobalResources
  • Edit file CommonResources.en.resx in Notepad (replace the "en" with your localization code if not English)
  • Locate text:
    <data name="UsernameExample" xml:space="preserve">
    <value>Example: Domain\Username</value>
    </data>
  • Edit this text to be what you want
  • Save File and close

Change the Instruction Text

  • Edit CommonResources.en.resx in Notepad as per item above

  • Locate text:

    <data name="FormsSignInHeader" xml:space="preserve">

    <value>Type your user name and password.</value>

    </data>

  • Edit this text to be what you want

  • Save file and close

Change the Page Title

  • Go to C:\inetpub\adfs\ls\App_GlobalResources

  • Edit file CommonResources.en.resx in Notepad

  • Locate text:
    <data name="FormsSignInPageTitle" xml:space="preserve">
    <value>Sign In</value>
    </data>

  • Edit this text to be what you want

  • Save File and close

     

     

Remove or Change the Hostname Header Above the Login Box

  • Go to C:\inetpub\adfs\ls\MasterPages

  • Edit MasterPage.master.cs in Notepad

  • Locate text:
    {
    PageTitleLabel.Text = Page.Title;
    STSLabel.Text = FriendlyName;
    }

  • Change this text to what you want. Your text MUST BE IN QUOTES. Like this
    STSLabel.Text = "Contoso Limited Single Sign On";

  • Save File and close

     

Add an "Authorized Use" disclaimer or other text at bottom of page

 

  1. Go to C:\inetpub\adfs\ls\MasterPages
  2. Open MasterPage.Master in Notepad (not MasterPage.Master.cs)
  3. Locate text at the end of the file:
    <div class="MainActionContainer">
    <asp:ContentPlaceHolder ID="ContentPlaceHolder1" runat="server">
    </asp:ContentPlaceHolder>
    </div>
    </div>
    </form>
    </body>
    </html>
  4. Add a section here (added text hightlighted):
    <div class="MainActionContainer">
    <asp:ContentPlaceHolder ID="ContentPlaceHolder1" runat="server">
    </asp:ContentPlaceHolder>
    </div>
    <div class="GroupLargeMargin">
    <div class="TextSizeLarge">
    <asp:Label ID="STSFooter" runat="server"></asp:Label>
    </div>
    </div>
    </div>
    </form>
    </body>
    </html>
  5. Save file and close
  6. Edit file MasterPage.Master.cs in Notepad
  7. Locate text:
    protected void Page_Load( object sender, EventArgs e )
    {
    PageTitleLabel.Text = Page.Title;
    STSLabel.Text = FriendlyName;
    }
  8. Add a line (added text highlighted)
    protected void Page_Load( object sender, EventArgs e )
    {
    PageTitleLabel.Text = Page.Title;
    STSLabel.Text = FriendlyName;
    STSFooter.Text = "This is a secured, private computer system owned by Contoso. All Information contained on this system is deemed to be PRIVATE, PROPRIETARY, CONFIDENTIAL and the property of Contoso, Inc., its affiliates, divisions or subsidiaries. Unauthorized access or use is strictly prohibited. Any use of Contoso resources must be in compliance with Contoso policies including Electronic Mail/Communication; Information System Usage; Corporate Disclosure; Unauthorized Use of Software and the Code of Business Ethics. By using Contoso resources, you agree to comply with Contoso policies. Any unauthorized access to or use of Contoso Resources may be punishable in a court of law and may include termination of employment or contract with Contoso.<br>To protect your account from unauthorized access, Outlook Web Access automatically closes its connection to your mailbox after a period of inactivity. If your session ends, refresh your browser, and then log on again.";
    }
  9. This text is all on one line. If you need or want a linefeed in the text use <br>, like here.
  10. Save file and close

 

 

These are just a few of the theme elements you can fiddle with on the ADFS Proxy form. As you play with these, you will see other text tidbits you may want to adjust. Just be certain to follow my warnings and back everything up before and after your fiddling.

 

Steve

Comments

  • Anonymous
    January 01, 2003
    Sweet !!!!!!!!!

  • Anonymous
    January 01, 2003
    Sorry, didn't know comments accepted html. For adding a link in the footer, the a href URL can just be enclosed in single quotes rather than double.

  • Anonymous
    January 01, 2003
    For those asking about the quotes issue when adding an tag, simply use single quotes for the URL.

  • Anonymous
    January 01, 2003
    I opened my web.config to change the logo but I am not finding •Locate text Any suggestions?

  • Anonymous
    January 01, 2003
    Kevin, That question goes beyond my scope of knowledge.  Please check out the ADFS 2.0 content map: social.technet.microsoft.com/.../2735.ad-fs-2-0-content-map.aspx You may find an article there.

  • Anonymous
    January 01, 2003
    The disclaimer is in HTML format, so you could add a hyperlink anywhere in the text block.  Like this: <a href="www.contoso.com/privacy.htm">View our full privacy policy online</a>

  • Anonymous
    January 01, 2003
    I opened my web.config to change the logo but I am not finding •Locate text Any suggestions?

  • Anonymous
    November 30, 2012
    Thanks -- this is very helpful!

  • Anonymous
    February 20, 2013
    This has been a great help to us.....do you know how I can make text that is in the disclaimer to be a hyperlink? thanks again.....

  • Anonymous
    April 16, 2013
    Great post - I'm trying to add HTML to the disclaimer (inserting Image source tag and some font tags) but the page generates an error.  It seems to be related to using double quotes - perhaps it breaks quoted bounds of the STSFooter.Text from your example. Has anyone been successful at adding an image source or a link href tag to the disclaimer?  How did you accomplish this? Any ideas?

  • Anonymous
    May 16, 2013
    Thanks - this is very useful. One question, Is it possible to dynamically display the target application name in the login page? Say if ADFS is used by multiple applications, when the form is displayed to the user, it would be nice to say which application they are required to login for.

  • Anonymous
    July 17, 2013
    Thanks for the info provided. m/

  • Anonymous
    August 05, 2013
    I've been trying to implement a custom sign in page for a while - these concise and accurate instructions helped me resolve it in very short order. Brilliant, many thanks.

  • Anonymous
    August 05, 2013
    for adfs can we provide access control on the list of relying parties thats shown?

  • Anonymous
    August 05, 2013
    can anyone please help

  • Anonymous
    August 05, 2013
    meaning can i log into the idp and only get a list of applictions that i am allowed to see?

  • Anonymous
    August 05, 2013
    current adfs shows ALL relying parties configured against it, disregarding my logo access, can we have access control on the list in anyway?

  • Anonymous
    August 08, 2013
    Hello Steve and everybody else :-) I have tried to create a new separate "AD FS Terms of Use" page in ASP.NET and put it in C:Inetpubadfsls with the rests of the AD FS files. It's a very simple page and it works in Visual Studio but not on my ADFS 2.0 CU2 server. I finally managed to create a "AD FS Terms of Use" by copying the idpinitiatedsignon.aspx page, renaming it to tou.aspx and commenting out almost all the code it originally contained and adding my own (I also made a copy of idpinitiatedsignon.aspx.cs and renamned it tou.aspx.cx and added a method to handle a simply Close page button). The page works great with the original content being commented out so I thought that since it's commented out and not in use I might as well remove it but then the page fails to load. What I cannot understand is why it works when the orignial ASP.NET code is simply commented out but not when it's removed. If it's commented out it's not in use right so what is the difference? Is there some mechanism that checks the aspx files for original "AD FS" content in order for them to work? Best Regards Robert

  • Anonymous
    September 05, 2013
    Hi Steve, Adding an hyperlink is not working as expected. After putting the <a href="www.contoso.com/privacy.htm">View our full privacy policy online</a>  inside the test block,  I am only getting a blank page. Anyways, Thanks a lot for the detailed post. Helped me a lot. Cheers Shaba

  • Anonymous
    September 12, 2013
    I can also confirm here that adding a hyperlink within the disclaimer causes a blank page. How can you enter a hyperlink?

  • Anonymous
    October 22, 2013
    Which, if any, of these changes requires recycling/restarting the apppool or the IIS server? I suspect that changing the web.config requires an app pool to recycle?

  • Anonymous
    October 25, 2013
    Curious George, making a change in the web.config shouldn't require a recycle of the app pool. You might need to clear your browser cache in order to see the change.

  • Anonymous
    October 28, 2013
    Make sure not to leave similar named files in C:inetpubadfslsApp_GlobalResources or receive Compiler Error Message: CS0101: The namespace 'Resources' already contains a definition for 'CommonResources'

  • Anonymous
    November 05, 2013
    Hi all, just reporting back after we made these changes last weekend. None of them required restarting any services or recycling app pools. All of the changes took effect immediately. Thanks again for a thoroughly documented procedure.

  • Anonymous
    April 07, 2014
    Is there a way to add the RSA secure id pin field to the ADFS 2.0 proxy login page so the user will see just one page instead of two? Currently they see the RSA login page first, authenticate, then hit the ADFS proxy page and enter their on premises AD credentials.

  • Anonymous
    April 08, 2014
    Hello, has anyone figured out how to set the focus to the Username field when the login form loads? I found that the ID of the field is ct100_ContentPlaceHolder1_UsernameTextBox. And I tried adding the following in the Header



    But, that didn't seem to work. Does anyone have any ideas why?

  • Anonymous
    April 08, 2014
    Sorry, Here's the Code Block:
    ""

  • Anonymous
    April 08, 2014
    Damnit...

  • Anonymous
    April 08, 2014
    I figured out how to do this if someone can tell me how to post code snippets to this page I will share.

  • Anonymous
    April 21, 2014
    Scott, I am not sure how code snippets can be shared but I am very curious on how you set the focus in the Username field. Any chance you can comment on your process?

  • Anonymous
    May 06, 2014
    Great info, thanks!

  • Anonymous
    July 15, 2014
    Fab site, great work!

  • Anonymous
    August 21, 2014
    How can i change (reduce or increase) the font size of Disclaimer which i addedd

  • Anonymous
    August 21, 2014
    Hi Steve
    How can i change (reduce or increase) the font size of Disclaimer which i added please let me know

  • Anonymous
    September 12, 2014
    How remove this site. I want access direct claim relying party.

  • Anonymous
    August 03, 2015
    Merci pour la démarche, c'est propre et claire!!!

  • Anonymous
    August 29, 2015
    Thanks! Great tutorial!

  • Anonymous
    October 14, 2015
    Thank you for the detailed post, the Microsoft support told me that it need use the Visual Studio 2008 to modify only.

  • Anonymous
    October 15, 2015

    GET YOUR PROBLEM SOLVE TODAY WITH MY PROFESSION IN ANY SPIRITUAL SPELL OR ANY KIND OF PHYSICAL BATTLE THAT NEED, MY NAME IS DR SYLVESTER AND THIS IS MY EMAIL FOR CONTACT (stbenson391@gmail.com) OR YOU CAN FOLLOW HIM UP ON FACEBOOK BY MY NAME (SYLVESTER E BENSON) ON FACEBOOK OR CALL ME ON MY MOBILE NUMBER +2348136090988, AM ALWAYS AVAILABLE TO RENDER YOU HELP WITH EXPERIENCE OF 32 YEARS IN SPELL CASTING AND HERBAL MEDICURE TO CURE ANY KIND OF DISEASE THAT YOU MAY HAVE, CONTACT ME ON ANY KIND OF ISSUES.