Changing default eportfolio page

[Guyute97]

Hi all,
I have made eportfolio my default web page for anyone acessing the server. The one question I have is I do not allow guests access to anything. I want to force users to log on right away rather than needing to click log on from the main page. Anyone have an idea of what I need to change?

Thanks!!!!

--Guyute

 

[MJRBIM]

What type of security are you using - Enterprise, LDAP, Windows NT?

 

[Turkbear]

Hi,
Build a separate logon page and make that the default page.

Here are 2 related ones that we use:

Login.csp:

<html>
<head>

<% @Language=&quot;JavaScript&quot; codepage=65001%>

<%
// LOCALIZATION STRINGS *****************************************************************************************

var L_WELCOME=&quot;Welcome to the Crystal Reports Entry Point&quot;;
var L_NOTRECOGNIZED=&quot;Account Information Not Recognized&quot;;
var L_REENTER=&quot;Re-enter your user name and password, and click Log On.&quot;;
var L_UNSURE=&quot;If you are unsure of your account information, contact your system administrator.&quot;;
var L_PWR_BY_CD=&quot;Powered by Crystal Decisions&quot;;

// END OF LOCALIZATION STRINGS **********************************************************************************
%>

<!-- #include file=&quot;setcodepage.csp&quot; -->
<!-- #include file=&quot;helper_js.csp&quot; -->
<!-- #include file=&quot;handleerror_js.csp&quot; -->

<%
try
{	
	//PREVENT BROWSER FROM CACHING THE PAGE
	SetPageExpiry();

	var strErrMessage = GetSession(&quot;ErrMessage&quot;);

	var lastusr = GetCookie(&quot;lastusr&quot;);
	var lastaps = Request.ServerVariables.Item (&quot;WCS_NAME_SERVER&quot;);
	var lastaut = GetCookie(&quot;lastaut&quot;);
	var pwd = &quot;&quot;;
%>


<%
Response.Write(&quot;<link rel='stylesheet' type='text/css' name='stylelink' href='&quot;+GetLinkPath()+&quot;css/style.css'>&quot; + vbCRLF);
%>

<script language=&quot;javascript&quot;>

function logon() {
    document.forms['logonform'].submit();
}

function moveFocus() {
	document.logonform.usr.focus();
	document.logonform.usr.select();
}

</script>

</head>
<body onLoad='moveFocus();'>


<!-- HEADER -->
<table class=&quot;header&quot; width=&quot;760&quot; border=&quot;0&quot; cellpadding=&quot;3&quot; cellspacing=&quot;0&quot;>
<tr><td class=&quot;header&quot;>
<%
	Response.Write(L_WELCOME+&quot;!<br>&quot;);
%>
	</td>
</tr>
</table>

<table class=&quot;actions&quot; width=&quot;760&quot; border=&quot;0&quot; cellpadding=&quot;3&quot; cellspacing=&quot;0&quot;>
<tr>
	<td class=&quot;actions&quot;>
		Log On Using your Network ID and Password:
	</td>
</tr>
</table>


<br>

<!-- LOG ON FORM -->
<table class=&quot;results&quot; width=&quot;760&quot; cellpadding=&quot;3&quot; cellspacing=&quot;0&quot; border=&quot;0&quot;>

<tr>
	<td class=&quot;results&quot; valign=&quot;top&quot;>
		
		<table  cellpadding=&quot;3&quot; cellspacing=&quot;0&quot; border=&quot;0&quot;>
		<form name=&quot;logonform&quot; method=&quot;post&quot; action=&quot;logonapp.csp&quot;>
		<tr>
			<td class=&quot;results&quot; valign=&quot;top&quot;>APS Name:</td>
<%
Response.Write(&quot;			<td><input class='results' type='text' size='30' name='aps' value='&quot; + lastaps + &quot;' onFocus='javascript:document.logonform.aps.blur();'></td>&quot;);
%>
		</tr>
		<tr>
			<td class=&quot;results&quot; valign=&quot;top&quot; width=&quot;160&quot;>User Name:</td>
<%
Response.Write(&quot;			<td><input class='results' type='text' size='30' name='usr' value='&quot; + lastusr + &quot;'></td>&quot;);
%>
		</tr>
		<tr>
			<td class=&quot;results&quot; valign=&quot;top&quot;>Password:</td>
<%
Response.Write(&quot;			<td><input class='results' type='password' size='30' name='pwd' value='&quot; + pwd + &quot;'></td>&quot;);
%>
		</tr>

		<tr>
			<td class=&quot;results&quot; valign=&quot;top&quot;>Authentication:</td>
			<td>	
				<select name=&quot;aut&quot; style=&quot;width:198px&quot; class=&quot;results&quot;>
<%
	var sm = Server.CreateObject(&quot;CrystalEnterprise.SessionMgr&quot;);
	var authProgIds = sm.InstalledAuthProgIds;
	var count = authProgIds.Count;
	for(var i = 1; i <= count; ++i)
	{
		var ptypename = authProgIds.Item(i);
		var pname = sm.NameFromProgId(ptypename);
		Response.Write(&quot;<option value='&quot; + ptypename + &quot;'&quot;);
		if(lastaut == ptypename)
			Response.Write(&quot; selected&quot;);
		Response.Write(&quot;>&quot; + pname + vbCRLF);
	}
%>
				</select>
			</td>
		</tr>
		<tr>
			<td> </td>
			<td><input class=&quot;results&quot; type=&quot;button&quot; value=&quot;Log On&quot; onclick=&quot;javascript:logon();&quot;></td>
		</tr>
		</form>
		</table>
	</td>
		</table>
	</td>
	<td width=&quot;360&quot; valign=&quot;top&quot; class='error'>
<%
if(Request.QueryString.Item(&quot;action&quot;) == &quot;logonerror&quot; ) {
	Response.Write(&quot;		&quot;+L_NOTRECOGNIZED+&quot;<ul style='margin-top:0;margin-bottom:0;'>&quot;);
	if( strErrMessage != &quot;&quot; ) {
		Response.Write(&quot;		<li><b>&quot; + strErrMessage + &quot;</b>&quot;);
	}
	SetSession(&quot;ErrMessage&quot;, &quot;&quot;);
	Response.Write(&quot;		<li>&quot;+ L_REENTER);
	Response.Write(&quot;		<li>&quot;+ L_UNSURE);
	Response.Write(&quot;		</ul>&quot;);
}
%>
	</td>
</tr>
</table>
<table width='760'>
<tr>
    <td>
<%
    Response.Write(&quot;<br><br><br><br><br><br>&quot;);    
   
%>
    </td>
   
</tr>    
</table>
 
</body>
</html>
<%
}   //try
catch(e)
{
    WriteErrorGeneral(e.description);
}

It calls this page (logonapp.csp) to authenticate and call the first page of the app:

<% @Language=&quot;JavaScript&quot; codepage=65001%>

<!-- #include file=&quot;helper_js.csp&quot; -->
<!-- #include file=&quot;handleerror_js.csp&quot; -->

<%
//LOCALIZATION STRINGS *****************************************************************************************

var L_PASSWORDEXPIRED=&quot;Password Expired&quot;;

//END OF LOCALIZATION STRINGS **********************************************************************************
%>

<%
try
{
    //PREVENT BROWSER FROM CACHING THE PAGE
    SetPageExpiry();

    //********************************************

    var defaultusr;
    var defaultpwd;
    var defaultaps;
    var defaultaut;

    defaultusr = &quot;Guest&quot;;
    defaultpwd = &quot;&quot;;
    defaultaps = Request.ServerVariables.Item(&quot;WCS_NAME_SERVER&quot;);
    defaultaut = &quot;secEnterprise&quot;;

    //********************************************

    var usr;
    var pwd;
    var aps=defaultaps;
    var aut;

    if(Request.Form.Item(&quot;usr&quot;).Count != 0) {
    	usr = Request.Form.Item(&quot;usr&quot;);
    } else {
    	usr=defaultusr;
    }

    if(Request.Form.Item(&quot;pwd&quot;).Count != 0) {
    	pwd = Request.Form.Item(&quot;pwd&quot;);
    } else {
    	pwd=defaultpwd;
    }

    if(Request.Form.Item(&quot;aut&quot;).Count != 0) {
    	aut = Request.Form.Item(&quot;aut&quot;);
    } else {
    	aut = defaultaut;
    }

    //********************************************

    if( Request.QueryString.Item(&quot;action&quot;) == &quot;exit&quot; ) {
    	LogoffUser();
    	Response.Redirect(&quot;logonform.csp&quot;);
    } else if(Request.QueryString.Item(&quot;action&quot;) == &quot;newpwd&quot; ) {
    	newpwd = Request.Form.Item(&quot;newpwd&quot;);
    	oldpwd = Request.Form.Item(&quot;oldpwd&quot;);
    	try {
    		GetSession(&quot;IStore&quot;).EnterpriseSession.UserInfo.SetPassword(oldpwd, newpwd);
    		Response.Redirect(&quot;GetFolders.csp&quot;);
    		Response.End();
    	} catch (e) {
       		SetSession(&quot;ErrMessage&quot;, e.description);
    		Response.Redirect(&quot;newpwdform.csp&quot;);
    		Response.End();
     	}
    } else {
    	LogoffUser();
    	LogonUser(usr, pwd, aps, aut);
    	if( usr != defaultusr || pwd != defaultpwd || aut != defaultaut) {
    		SetCookies_LogonInfo(usr, aps, aut);
    	}
    }
}   //try
catch(e)
{
    WriteErrorGeneral(e.description);
}        

//********************************************
function SetCookies_LogonInfo(username, apsname, authentication ) {
	var expDate = new Date();
	expDate.setFullYear(expDate.getFullYear()+1);

	SetCookie(&quot;lastusr&quot;, username);
	SetCookieExpires(&quot;lastusr&quot;, expDate.getVarDate());
	SetCookiePath(&quot;lastusr&quot;, &quot;/&quot;);

	SetCookie(&quot;lastaps&quot;, apsname);
	SetCookieExpires(&quot;lastaps&quot;, expDate.getVarDate());
	SetCookiePath(&quot;lastaps&quot;, &quot;/&quot;);

	SetCookie(&quot;lastaut&quot;, authentication);
	SetCookieExpires(&quot;lastaut&quot;, expDate.getVarDate());
	SetCookiePath(&quot;lastaut&quot;, &quot;/&quot;);
}

//********************************************
function LogoffUser() {
	SetCookie(&quot;logontoken&quot;, &quot;&quot;);
	SetSession(&quot;userID&quot;, &quot;&quot;);	
	SetSession(&quot;IStore&quot;, &quot;&quot;);
}

//********************************************
function LogonUser(username, password, apsname, authentication) {
	var sm;
	var es;
	var ltm;
	//INSTANTIATE INFOSTORE OBJECT FOR SESSION
    try {
		sm = Server.CreateObject(&quot;CrystalEnterprise.SessionMgr&quot;);
    	es = sm.Logon(username, password, apsname, authentication);
	} catch (e) {
		//LOGON ERROR
		SetCookies_LogonInfo(usr, aps, aut);
		SetSession(&quot;ErrMessage&quot;, e.description);
		Response.Redirect(&quot;logonmulti.csp?action=logonerror&quot;);
		Response.End();
    }
	SetSession(&quot;IStore&quot;, es.Service (&quot;&quot;, &quot;InfoStore&quot;));
	SetSession(&quot;userID&quot;, username);
	SetSession(&quot;aps&quot;, es.APSName + es.ClusterName);
	try {
		ltm = es.LogonTokenMgr;
	} catch (e) {
		WriteErrorGeneral(e.description);
	}
	//WRITE THE LOGONTOKEN TO A COOKIE AND THE VIEW TOKEN TO A COOKIE
	try {
		SetCookie(&quot;logontoken&quot;, ltm.CreateLogonTokenEx(&quot;&quot;, 480, -1));
	} catch (e) {
		WriteErrorGeneral(e.description);
	}

	//CHECK IF PASSWORD HAS EXPIRED
	if (authentication == &quot;secEnterprise&quot;) {	
		if(es.UserInfo.PasswordExpiry == 0) {
			SetCookies_LogonInfo(username, password, authentication);
			SetSession(&quot;ErrMessage&quot;, L_PASSWORDEXPIRED);
			Response.Redirect(&quot;newpwdform.csp&quot;);
			Response.End();
		}
	}
	Response.Redirect(&quot;GetFolders.csp&quot;);
}
%>

The Response.Redirect calls the applications first page ( in your case ePortfolio, in mine GetFolders.csp) - you may have to modify ePortfolio's code to recognize the authentication token.

Hope it helps..

 

[mdwyer]

For one thing, you can set a secure password for the Guest account. However, we have "unmanaged" reports run on the CE server and need the Guest account and without a password.

To prevent an automatic CE logon to Guest, edit logon.csp and change the null password at line 42:

//var defaultpwd = ""; // Replaced by the following line to prevent... 09/19/2002 mjd
var defaultpwd = "iNvAlId"; // ...auto-login to a no-password Guest account 09/19/2002 mjd

 

[Guyute97]

Great. Thanks folks. The sign-on page is great, thanks for that.

We are using NT authentication. Tried to use the AD, but it was just a horrible mess. Couldn't get it to recognize the AD groups.

--Guyute

 

[Guyute97]

Sorry, forgot to mention that the changing of the defaultpwd in logon.csp was a really quick change that got the result.

--Guyute

 

[synapsevampire]

Or just go into the CMC as the Administrator and set a password for the guest...no code changes required.

-k