Change the login and logout pages

 

+

Search Tips   |   Advanced Search

 

By default, when unauthenticated users attempt to access the myportal page, they get redirected to the login page to provide a user name and password. When using a WebSEAL or eTrust SiteMinder TAI for authentication, you no longer need to use the WebSphere Portal login screen. Instead, the login icon should point to the protected portal page.

In WebSphere Portal version 6.1.5, the Enhanced Theme (default) files are located in...

profile_root/installedApps/cell/EnhancedTheme.ear/wp.theme.enhancedtheme.war/themes/html/Enhanced/

Other theme directories remain unchanged and follow the naming schemes...

profile_root/installedApps/cell/wps.ear/wps.war/themes/html/themeName

To change the login and logout pages:

1. Make a backup copy of...
   AppServer_root/installedApps/node_name/wps.ear/wps.war/themes/html/theme_name/mainMenu.jsp

2. Open the banner.jspf file located in each theme's directory and subdirectory and find the login button section.

   By default, WebSphere Portal ships the banner.jspf with the Login screen section commented out, and the second section (Login Portlet) is not commented out.

3. Replace the login button anchor tag that is not commented out with the anchor tag...

    <a class=ToolBarLink href='<%= wpsBaseURL %>/myportal'>
        <wps:text key="link.login" bundle="nls.engine"/>
    </a> 
   
   

   Each href is highlighted in bold.

   The following example shows what the banner.jspf will look like after adding the above anchor tag:

     <%-- Comment this to enable screen login --%> 
     <portal-logic:if loggedIn="no">
       <portal-navigation:urlGeneration contentNode="wps.Login">
       
         <!-- Commented out the next href for Changing the Login Page
         <a tabIndex="7" class="toolbarLink" href='<% wpsURL.write(escapeXmlWriter); %>'>
             <portal-fmt:text key="link.login" bundle="nls.engine"/>
         </a>
         -->
       
         <a tabIndex="7" class="toolbarLink" href='<%= wpsBaseURL %>/myportal'>
            <portal-fmt:text key="link.login" bundle="nls.engine"/>
         </a>
       
       </portal-navigation:urlGeneration>
     </portal-logic:if>
     
     <%-- Uncomment this to enable screen login  
     <portal-logic:if loggedIn="no" notScreen="Login">
   
       <a class="toolbarLink" href='<%= wpsBaseURL %>/myportal'>
           <portal-fmt:text key="link.login" bundle="nls.engine" />
       </a>
   
     </portal-logic:if>
     --%>
   
   

   The previous example uses the 'wps:' prefix to designate JSP tags from the tag library in portal.tld. Your custom JSPs might use a different tag prefix.

   After updating banner.jspf, restart WebSphere Portal unless reloading is enabled.

4. Touch the Default.jsp file after editing any JSP files and before any restart. This updates the timestamp on the file to the current time and will signal a recompile of Default.jsp to incorporate the edit changes from other JSP files. Type: touch Default.jsp. An alternative is to edit (open and save) Default.jsp, which has the same effect as the touch command.

5. To modify the login behavior of the new Enhanced Theme, edit...
   profile_root/installedApps/cell/EnhancedTheme.ear/wp.theme.enhancedtheme.war/themes/html/Enhanced/Default.jsp

   ...and make the following modification to the file...

   Existing text...

       <%--Login-->
       <c:if test="${!ifLoggedIn}">
           <portal-navigation:urlGeneration contentNode="wps.Login">
               <a href='<% wpsURL.write(escapeXmlWriter); %>'>
                   <portal-fmt:text key="link.login" bundle="nls.engine"/>
               </a>
           </portal-navigation:urlGeneration>
       </c:if>
   
   

   Updated text...

       <%--Login-->
       <c:if test="${!ifLoggedIn}">
           <portal-navigation:url home="protected"/>
               <portal-fmt:text key="link.login" bundle="nls.engine">
           </a>
       </c:if>
   
   

   Restart the WebSphere_Portal server unless reloading is enabled.

6. To change the logout behavior:

   1. Redirect the browser to navigate to the logoff page of the external security manager (ESM) after the WebSphere Portal logoff command executes. Learn how to invalidate the single sign on session of the ESM by reviewing the documentation provided by the ESM relating to logoff pages.

      • Tivoli Access Manager WebSEAL provides http://webseal/pkmslogout as a special URL to terminate the WebSEAL single sign on session

      • In eTrust SiteMinder, the Web Agent configuration object contains a property named LogoffUri where you can supply a URL to terminate the eTrust SiteMinder login session

   2. To enable WebSphere Portal to execute the ESM logoff URL after completing its logoff command:

      1. Specify the following values in the configuration service:

         • redirect.logout=true

         • redirect.logout.ssl=false or true, depending on your environment

         • redirect.logout.url=protocol://host_name/logout_page

         where protocol is the protocol of the ESM machine: http or https, host_name is the fully qualified host name of the ESM machine, and logout_page is the ESM page that users will be directed to when they log out. Refer to the ESM Administrator's Guide for information about using logout forms.

      2. Run...
         following

         to update the property:

         Operating system	Task
         Windows:	ConfigEngine.bat update-properties -DWasPassword=password from the profile_root/ConfigEngine directory
         UNIX:	./ConfigEngine.sh update-properties -DWasPassword=password from the profile_root/ConfigEngine directory

   3. Restart the WebSphere_Portal server on the standalone server or on each cluster member.

Parent topic:

External security managers