Try OpenEdge Now
skip to main content
Customization Guide
Customizing Login pages using BPM Sign-on API : Sample of a customized Login page
 

Sample of a customized Login page

The following sample customization is designed for an organization that already has a portal/SSO capability and wants to integrate with Business Process Portal. Since the user has logged in with the organization, it does not want the user to be required to log in a second time for Business Process Portal. The sample below contains a section where the organization can perform its custom lookup for the user name and password. This customization is not visible to the user, and will transparently submit the login information to the BPM Sign-on API servlet filter, log the user in, and then redirect to the user’s intended target page.

Sample of a customized login page

<%@ page import="java.util.*,
  java.net.*,
  com.savvion.BizPass.*,
  com.savvion.sbm.bpmportal.bizsite.api.*,
  com.savvion.sbm.bpmportal.bizsite.util.HexEncoder,
  com.savvion.sbm.bizmanage.api.*,
      com.tdiinc.common.*,
  com.gm.savvion.TokenCalculator,
      com.savvion.common.SBM,
  javax.servlet.http.HttpUtils,
  java.net.HttpURLConnection,
  java.net.URL" %>
<%@ page contentType="text/html;charset=UTF-8" %>
<%@ page errorPage="login_error.jsp" %>
<%
String _userID = "";
String _userPassword = "";
//Insert custom code for getting the user id and password here.
//_userID = <some custom code>;
//_userPassword = <some other custom code>;
String targetURL = request.getParameter("domainTargetURL");
// You can change this value to whatever default page you want to go to.
// Currently it is set to go to the Home->My Tasks page.
if (targetURL == null)
  targetURL = "myhome/bizsite.task";
//This code checks the target url for any HTTP parameters.
//By default the browser will ignore any HTTP parameters included in the action attribute of the form.
//If found it will insert them into the page as a hidden parameter so the form will pick them up.
String paramName=null;
String paramValue=null;
if ((targetURL.indexOf("?") > 0) && (targetURL.indexOf("=") > 0))
{  paramName=targetURL.substring(targetURL.indexOf("?")+1,targetURL.indexOf("="));
  paramValue=targetURL.substring(targetURL.indexOf("=")+1);
}%>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html >
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
  <tr>
    <td>
    </td>
  </tr>
  <tr>
    <td align="center"> <br>
  <%-- The form uses the post method so any http parameters will not be seen in the address bar of the user's browser. --%>
  <form name="login" action="<%= targetURL %>" method="post">
  <%-- This hidden field is for the http parameters if they are present. We don't include the line if there aren't any parameters. --%>
  <%= ((paramName != null&& paramValue != null)?"<input type=\"hidden\" name\""+paramName+"\" value=\""+paramValue+"\" />":"") %>
  <%-- These special names are picked up automatically by the BPM Sign-on API framework and use the values to log the user in. --%>
  <input type="hidden" name="BizPassUserID" value="<%= _userID %>">
  <input type="hidden" name="BizPassUserPassword" value="<%= _userPassword %>">
  </form>
<%--
  This javascript code automatically submits the form from the client (i.e. browser) side. The user normally won't see anything.
  The domainTargetURL is redirected to from within the BPM Sign-on API servlet filter.
  --%>
  <script language="javascript">
  <!--
  document.login.submit();
  -->
  </script>
    <br>
    </td>
  </tr>
</table>
</body>
</html>