This is how I finally did it. I've checked it and seems to be fine:
You have to edit the logon page on:
Access Policy / Customization / Advanced
Then, in the folder tree structure on the left, you have to go to:
Customization Settings / Access Profiles / / Access Policy / Logon Pages / Logon Page / logon.inc
By clicking the "logon.inc" file, you should see an editor on the right.
There, you'll see the section where new password is required:
// varname _F5_challenge is reserved post var name for challenge password
if ($challenge == 1) {
$fields_settings = array( 1 => array( "type" => "password", "name" => "_F5_challenge", "varname" => "password", "rw" => "1", "caption" => "" ),
2 => array( "type" => "none" ), 3 => array( "type" => "none" ), 4 => array( "type" => "none" ), 5 => array( "type" => "none" ) );
You have to set the second field of the array to get a new field on the form. Also, you may add a "caption", which will be the text before the field:
// varname _F5_challenge is reserved post var name for challenge password
if ($challenge == 1) {
$fields_settings = array( 1 => array( "type" => "password", "name" => "_F5_challenge", "varname" => "password", "rw" => "1", "caption" => "New pass" ),
2 => array( "type" => "password", "name" => "_F5_verify_password", "varname" => "verify_password", "rw" => "1", "caption" => "Verify new pass" ), 3 => array( "type" => "none" ), 4 => array( "type" => "none" ), 5 => array( "type" => "none" ) );
Using that field "name" and "varname", the code will automatically check whether the two fields match.
That is done on the verifyNewPassword function, which I also edited to check the field length:
Look for this code:
if( inputs[0].value != inputs[1].value ){
alert("%[wrong_match]");
inputs[0].focus();
return false;
}
There is where the code checks if two inputs match.
Then, I added:
else {
if( inputs[0].value.length < 6 ){
alert("New password must have 6 characters at least.");
inputs[0].focus();
return false;
}
So the verifyNewPassword function will look like this:
function verifyNewPassword()
{
var form = document.getElementById( globalFormId );
if( form == null ){
return true;
}
var inputs = form.getElementsByTagName("input");
if( inputs.length >= 2 && inputs[0].name == "_F5_challenge" && inputs[0].type == "password" && inputs[1].name == "_F5_verify_password" && inputs[1].type == "password" ){
if( inputs[0].value != inputs[1].value ){
alert("Two fields doesn't match.");
inputs[0].focus();
return false;
} else {
if( inputs[0].value.length < 6 ){
alert("New password must have 6 characters at least.");
inputs[0].focus();
return false;
}else{
// Not sending the second field.
inputs[1].disabled = true;
try{
if( window.external ){
if( undefined != window.external.WebLogonPassword ){
window.external.WebLogonPassword = inputs[0].value;
}
}
} catch(e) { }
}
}
}
return true;
}
Then, just save the code and apply the new policy.