SECURING
HCL Domino® provides a default HTML log-in form to allow a user to enter a name and password, and then use that name and password for the entire user session. The Web browser sends the user's name and password to the server using the server's character set. Therefore, a user can enter a name and password in a character set other than ASCII or Latin-1.
About this task
The terms log-in and sign-in are used interchangeably.
The available set of characters to use for user name are different for basic authentication and session-based authentication.
Table 1. Available characters for name authentication
This form is created and configured in the Domino Web Server Configuration database (DOMCFG.NSF). You can customize the form to contain additional information. To do this, the Domino Web server must be set running.
To create and use a custom sign-in form, you must complete these procedures:
Creating the Domino Web Server Configuration database (DOMCFG.NSF)
Procedure
1. From the Domino Administrator choose File -> Application -> New.
2. Enter the name of the Web server in the Server field.
3. Select Show Advanced Templates.
4. Select the Domino Web Server Configuration template (DOMCFG5.NTF).
5. Enter a title for the database.
6. In the File name field, enter DOMCFG.NSF.
8. Add an entry named Anonymous to the database ACL, and give the entry Reader access.
Creating a custom form
The simplest way to create a custom log-in form is to modify a copy of $$LoginUserForm, the example log-in form provided in the Domino Configuration database. You can also create a new log-in form.
1. In the Domino Designer client, open the Domino Configuration database (DOMCFG.NSF).
2. Choose View -> Design.
3. Do one of the following:
Specifying the custom form as the log-in form
1. In the Notes® client, open the Domino Configuration database (DOMCFG.NSF) and open the Sign In Form Mappings view.
2. Click Add Mapping.
3. Under Site Information, choose one:
5. Enter the file name of the database that contains the custom form. This should be DOMCFG.NSF unless you store the custom form in a different database.
6. Enter the name of the custom log-in form.
7. Save and close the document.
Configuring error messages
You can enable session-based Web authentication to return error messages for log-in failures and session time-outs. This is accomplished by configuring two fields on your custom login form -- the reasontext and reasontype fields. DOMCFG5.NTF includes these two fields in the default form provided, $$LoginUserForm. (To obtain the changes, you must refresh or replace the design of DOMCFG.NSF with the most current DOMCFG5.NTF).
The five cases that cause the Login form to appear are encoded in the field reasontype and include:
Related tasks Setting up a Domino server as a Web server Setting up session-based name-and-password authentication