Tuesday 10 August 2010

Single authenticated point of entry to iNotes for all your users

It has been a while since I did a Domino Geek posting, however I came across this today and thought I would share it. Basically you can if you know the URL get into your Lotus Notes eMail via a browser. The problem is that most users can be .. well .. forgetful and having to remember a big long string of characters is a bit of a pain that and we wanted a single URL that would (a) authenticate the user and (b) open the mail file so we came up with this solution.

*Edit* It has been pointed out in the comments that there is a "Redirect" function  built into notes, there is and it very useful, however it does require some work on each server and when you have lots of servers in remote locations using different languages and to be honest I wanted a simple one stop shop, replicate it to all servers when needed. what follows is an alternate to, but not necessarily better than what is provided naturally **

A single NSF with a short URL  http://[yourserver]/wmg.nsf/wmail.html
This launches a page that looks like this

The user logs in and if successful their mail file opens.

So how did I do this?

A) When the Button on form on the page is clicked a call is set up to
names.nsf?login with the PostData set up with the userid and password
most importantly there is also a "REDIRECTTO=" parameter in the PostData that directs (on successful authentication) to an agent called OPENMAIL

B) The call to the url with the postdata is sent to the server via an AJAX call

C) If the authentication fails the AJAX call receives the default login page, and an error msg is sent to the user

D) If authentication is sucessful the REDIRECTTO parameter is called directing the browser to the OPENMAIL agent.

E) The OpenMail agent does a look up on the NAB and extracts the mail file name for the user

F) The URL that will open the user's mail file is constructed on the server and returned to the browser as a JSON variable.

G) The URL is used in some JS to change the location.href, and since the browser is now authenticated the mail file opens.(in this case in LITE mode you can tweak the code the way you see fit)


Proper un-encrypted and ACLed file

Download .. stick in the data dir of your server, sign it, sign it again (just to be sure) and got to http://[yourserver]/wmg.nsf/wmail.html or add the link to your intranet 


Disqus for Domi-No-Yes-Maybe