Flashes (Alerts)
Abstract
This document identifies the supported versions of Microsoft Edge and provides the procedure for installing the AccessAgent single sign-on extension for Microsoft Edge.
Content
Applies to: IBM Security Access Manager for Enterprise Single Sign-On
You must install the extension so that you can single sign-on to web applications and generate web signatures through Microsoft Edge with AccessStudio.
- Prerequisites
- Download package
- Enhancements
- Resolved defects
- Installing the extension
- Uninstalling the extension
- Known issues and limitations
- Creating AccessProfiles for Microsoft Edge
- Troubleshoot AccessProfiles
- Revision history
Ensure that your system meets the following requirements:
- AccessAgent 8.2.2 with fix pack 21 or later is installed.
- Web Autolearn AccessProfile , Version 1.2 or later.
- Microsoft Edge (latest release).
- Windows 10, version 1709 (Fall Creators Update) or later.
- Microsoft Visual C++ Redistributable for Visual Studio 2019 is installed.
- For Windows 32-bit, install the x86 version of the redistributable.
- For Windows 64-bit, you must install both the x86 and x64 versions of the redistributable.
Download package
| Extension | Date modified | Size | Download |
|---|---|---|---|
| Microsoft Edge extension Version 8.2.2.0532 | 30 September 2020 | 11.8 MB |
Enhancements
- Single sign-on support is enhanced for Angular web applications.
- Microsoft Edge web extension is updated to support Microsoft Windows 10, Version 1903.
- Web signature generation functionality is now enhanced with the Microsoft Edge web browser for creating AccessProfiles.
30 November 2018: Version 8.2.2.0386
- You can now generate web signatures with the Microsoft Edge browser for creating AccessProfiles.
Resolved defects
- APAR IJ25121: Unnecessary credential capture pop-up in case of 'bearer' authentication scheme.
- Code signing of installer and uninstaller executables
- APAR IJ23705 Resolved Microsoft Edge Extension Performance issue.
- APAR IJ23706: Updated extension to support the latest Visual C++ Redistributable Package.
- APAR IJ19846 Fixed Microsoft Edge extension digital signature expiration issue.
- APAR IJ12224: Web signature generation issue fixed for iframes.
30 November 2018: Version 8.2.2.0386
- Crash observed in the web extension when closing the browser with one tab left.
- Fixed an issue for silent installations where a prompt would display and interrupt the silent installation process.
31 July 2018: Version 8.2.2.0160
- Installation and uninstallation issue when AccessAgent is not installed in the default installation directory.
- Microsoft Edge web extension now supports Microsoft Windows 10, Version 1803.
20 April 2018: Version 8.2.2.0158
- None.
Installing the extension
Part 1: Enable sideloading of apps
Ensure that sideloading of apps is enabled on the computer.
- From the Windows 10 Start menu, search for ‘For developers settings’.
- Under the Use developer features area, select Sideload apps.
Part 2: Set up the extension in Microsoft Edge
- Install the ISAM ESSO extension for Microsoft Edge.
- Run edge-extension.installer.exe.
Note: You must run this procedure with the currently logged in user privileges only.
- Run edge-extension.installer.exe.
- Ensure that the extension is successfully installed.
- Open Microsoft Edge.
- If a prompt Extensions from unknown sources is displayed, select Turn on anyway.
- From the toolbar, click
, and select Extensions. - From the Extensions panel, ensure that ISAM ESSO is enabled.
- If you have multiple Windows accounts sharing the same computer, repeat step 1-2 for each account.
Part 3: Update the AutoLearn AccessProfile
- On the IMS Server, backup the earlier version of the Autolearn AccessProfile, sso_site_web_auto_learn, and then delete the earlier version from your server.
- Upload the updated AccessProfile, sso_site_web_auto_learn, that to the IMS Server.
For more information, see Uploading information. - Synchronize the AccessAgent with the IMS Server.
Note: Basic Authentication support for Microsoft Edge does not require any AccessProfiles. The web extension provides bundled support for Basic Authentication.
Uninstalling the extension
- For Microsoft Edge, on Windows 10, disable the extension.
- Close any running instances of Microsoft Edge.
- Run edge-extension.uninstaller.exe.
Note: You must complete this procedure with the currently logged in user privileges only. - Start Microsoft Edge.
- From the toolbar, click
. - Click Extensions.
- Verify that the extension is no longer displayed on the following platforms.
- On Microsoft Windows 10, the extension is still displayed. Select the ISAMESSO extension and click Uninstall.
- If you have multiple Windows accounts sharing the same computer, repeat steps 1 to 6 for each account.
Known issues and limitations
- For Windows 10, the Edge Extensions uninstaller application does not completely remove the ISAMESSO icon on the toolbar, or the extension from the list of Microsoft Edge extensions.
Workaround: After you run the Edge extension uninstaller, launch Microsoft Edge. Click, then click Extensions, and click Uninstall. - The Browser starts navigating form page trigger fires when a Web form on the page is submitted.
- The AccessStudio Web Finder tool is not supported on Microsoft Edge. To generate the signature, use the Internet Explorer web browser.
- The following web triggers are not supported:
- Browser closed
- The following web actions are not supported:
- Register for SCR with the IMS Server
- Perform SCR with the IMS Server
- The following Run Script APIs are not supported:
- runtime.GetBrowserObjectFromHTMLDocument
- runtime.GetBrowserTopLevelWindow
- runtime.GetHTMLDocument
- runtime.GetHTMLElementsFromXPath
- runtime.GetWebAgentController
- windowcontroller.GetHTMLDocumentFromWindow
- Installation and uninstallation of the web extension for Microsoft Edge may take some time.
- For the Basic Authentication, the ISAM ESSO Capture Credential prompt, might appear in the background.
- In certain scenarios, highlighting of HTML elements from the generated web signature might not work, although the AccessProfile with the generated web signature will work.
- Press the space bar if Window Signature is Invalid popup displays behind the Highlight Control notification window.
Creating AccessProfiles for Microsoft Edge
To create AccessProfiles for Microsoft Edge, install the AccessStudio.
Troubleshoot AccessProfiles
In general, AccessProfiles for web applications that you create for Internet Explorer will also work with Microsoft Edge.
If an AccessProfile that you create, is working in Internet Explorer but not Microsoft Edge, use the following troubleshooting steps.
Increase the log level for AccessAgent
In the registry editor, browse to HKEY_LOCAL_MACHINE > SOFTWARE > IBM > ISAM ESSO > ECSS > DeploymentOptions.
Collect logs from the Microsoft Edge browser
- Open the Microsoft Edge browser.
- Press F12 to open Developer Tools.
- Recreate the problem.
- In Console, in the All tab, select all the content, and copy it to a file named EdgeBrowserConsole.log.
- Copy this file to <aa_install_folder>\logs.
If the issue is related to identifying a web element, see Reviewing the signature from the Microsoft Edge browser.
Note: If you are requested by IBM Support, package the logs folder into a file and send the compressed file to IBM Support.
Reviewing the signature from the Microsoft Edge browser
Before you review the signature, ensure that you have exported the browser console logs to EdgeBrowserConsole.log. See Collect logs from the Microsoft Edge browser.
For a single sign-on AccessProfile to work successfully, you must find the correct web element signature. The following line is an example of a typical signature:
/child::html/descendent::form/descendent::input[@tag_name="input" and @type="password"]
In the EdgeBrowserConsole.log, this line indicates that the signature is not found. This line appears in the logs that you collect from the Browser Console.
WebFinder Result: Parse error; xpath = "/child::html/descendent::form/descendent::input[@tag_name=\"input\" and @type=\"password\"]"
To diagnose this problem, follow the steps below:
1. Look for the following line. In this line, the parser starts to look for the signature.
---- PROCESS QUERY STARTS: xpath = /child::html/descendent::form/descendent::input[@tag_name="input" and @type="password"] ----
2. For each step of the XPath, you can see a corresponding set of properties. For example, for the /descendent::form,
---- PARSER INTERNAL STARTS: After getDescendantFormNode ----
_vecCurrentElements = Array (
[0] => { tag: FORM, id: tsf, name: f }
)
_State = 0
_currentOperator = 0
_currentPredOperator = 0
_mmCurrentClause = { op: 0, vecNVPairs = Array ( ) }
_mmCurrentPredicate = Array ( )
_wsCurrentExprName =
_wsCurrentExprValue =
_wsAttributeName =
_wsAttributeExpr =
_wsPostEvalExprValue =
_vecAttributes = Array ( )
---- PARSER INTERNAL ENDS ----
- Note the action getDescendantFormNode. This is the action being performed. This action shows which step of the parsing is being run.
- _vecCurrentElements is the current set of matches found after running the action. The result of getDescendantFormNode is a FORM with the NAME f and ID tsf
3. For predicates or conditions, such as [@tag_name="input" and @type="password"], look for reducePredicate: @tag_name="input" and @type="password" .
reducePredicate: @tag_name="input" and @type="password"
---- PARSER INTERNAL STARTS: After reducePredicate ----
_vecCurrentElements = Array ( )
_State = 4
_currentOperator = 1
_currentPredOperator = 0
_mmCurrentClause = { op: 0, vecNVPairs = Array ( ) }
_mmCurrentPredicate = Array ( )
_wsCurrentExprName = type
_wsCurrentExprValue = password
_wsAttributeName =
_wsAttributeExpr =
_wsPostEvalExprValue =
_vecAttributes = Array ( )
---- PARSER INTERNAL ENDS ----
- Note that _vecCurrentElements at this point is empty. This implies that no element is found to match this condition.
- Review the previous lines on the logs to identify precisely where _vecCurrentElements is set to an empty value. From this information, you can identify the first action that resulted in a no-match.
- Check the information provided for the HTML elements that matched the previous action or clause to identify what is missing. For instance, the last log entry with some matches was in getDescendantInputNode.
---- PARSER INTERNAL STARTS: After getDescendantInputNode ----
_vecCurrentElements = Array (
[0] => { tag: FORM, id: tsf, name: f }
[1] => { tag: INPUT, name: sclient, type: hidden }
[2] => { tag: INPUT, name: site, type: hidden }
[3] => { tag: INPUT, name: source, type: hidden }
[4] => { tag: INPUT, id: lst-ib, class: gsfi, name: q, type: text }
[5] => { tag: INPUT, id: gs_taif0, class: gsfi }
[6] => { tag: BUTTON, class: lsb, name: btnG, type: submit }
[7] => { tag: INPUT, name: oq, type: hidden }
[8] => { tag: INPUT, name: gs_l, type: hidden }
[9] => { tag: INPUT, name: pbx, type: hidden }
)
_State = 0
_currentOperator = 0
_currentPredOperator = 0
_mmCurrentClause = { op: 0, vecNVPairs = Array ( ) }
_mmCurrentPredicate = Array ( )
_wsCurrentExprName =
_wsCurrentExprValue =
_wsAttributeName =
_wsAttributeExpr =
_wsPostEvalExprValue =
_vecAttributes = Array ( )
---- PARSER INTERNAL ENDS ----
- Note that in the list of matched elements, none of the INPUT fields found has a type called password causing the condition to fail.
You can use the approach described in this example as an alternative to opening the HTML source. Opening the HTML source can be misleading because of the quirks in the browser.
Tip: Blocks for reduceExprName, setOperator, reduceExprValue and postEvalExprValue can be usually ignored.
Check the properties of web elements for Internet Explorer and Microsoft Edge
Under some instances, some web applications might use different properties for the same web element in Microsoft Edge and Internet Explorer.
In the section Reviewing the signature from the Microsoft Edge browser, if you discover that the signature is found in one browser but not the other, consider tweaking properties for the web elements for both Internet Explorer and Microsoft Edge.
Examples of properties include name, id, type.
To inspect the web elements:
- Launch the web application in both Internet Explorer and Microsoft Edge.
- In each browser, press F12 to open Developer Tools.
- Click Elements.
- Click
. - Identify the web elements properties that are common between the web browsers and modify the signature in AccessStudio accordingly.
- If a generated web signature contains dynamic attributes, for example, attributes values change after each page loads or attribute values are different across browsers, then you must remove these dynamic attributes. Modify the web signatures by identifying common and static attributes that you can use across different browsers.
Revision history
| Date | Description |
| 30 September 2020 | Version 8.2.2.0532. Defect fixes. |
| 12 June 2020 | Version 8.2.2.0489. Defect fixes. |
| 27 March 2020 | Version 8.2.2.0487. Defect fixes and enhanced single sign-on support for Angular web applications. |
| 2 October 2019 | Version 8.2.2.0415: Fixed Microsoft Edge Extension digital signature expiration issue. |
| 22 July 2019 | Version 8.2.2.0410: Updated to support Windows 10, Version 1903. |
| 29 March 2019 | Version 8.2.2.0404: Defect fixes and updated support for web signature capture with AccessStudio. |
| 30 November 2018 | Version 8.2.2.0386. Updated to support capturing web signatures for use with AccessStudio. |
| 31 July 2018 | Version 8.2.2.0160. Defect fixes and Windows 10, Version 1803 support. |
| 20 April 2018 | Initial. |
Related Information
Was this topic helpful?
Document Information
Modified date:
28 October 2021
UID
swg22015232