The hard part isn't really making the token, so much as making the token safely and not putting code out there that can be called by other code, which will make tokens for just anyone's name you pick. In any case, (and by proxy Barton) the use of that Java call to build your own LTPAToken is absolutely every bit as valid as the way NCTRM does it with a couple of API calls.Īs I said earlier - there's nothing here that would prevent someone from rolling their own really good solution, other than time and a bit of skill. You could do that now if you used the advanced documentation to build it yourself, but I think it should come with the tool. What my next plan for Remember Me is, would be create a drop in replacement for the Domino Session based login form that implements it site-wide in one step. I've seen so many servers crash from people's mistakes in DSAPI that I try to avoid it at all times. I may do a dsapi verson later, but I REALLY don't like DSAPI. The html calls the script, puts the checkbox on the page (ready for css to modify) and handles all the functionalty.įor more advanced uses, there are documented calls so you can do it yourself. In the most basic installation, you can add "remember me" to a web page by copying a very short block of html onto the page and then you're done. The script itself is generated dynamically by the database that implements remember me. The script actually generates the checkbox and implements the functionality, including any cookies that are needed. A script is referenced from the page where the remember me checkbox lives.
The remember me product comes with teh dll and a license key you drop on the server, and a notes database template that implements the function. The danger with DSAPI is that its ALWAYS running for every single web transaction. NCT Remember Me uses a dll on the server, but not DSAPI.
Sorry, someone pointed me to this today so I thought I'd answer: Changing that attribute allows the browser to do the inherent "remember me" This was awhile ago, and I don't remember what the attribute is called, but basically there is an attribute on the text box which prevents the browser from storing that information. This only works for Internet explorer, however, if you turn on NTLM for firefox, it works there as well.īasically any time I want to access any notes resource with single sign on, I access the URL on port 8081 and that facilitates the single sign on for me.Īs far as the Remember Me option, I have also modified the forms database that maintains the login page and modified the attribute to allow remembrance.
Basically its an ISAPI Filter running in IIS that forwards your windows credentials to the domino server, so in turn you need to have their Network accounts added to the Domino directory. I've set this up on multiple domino servers version 6.5 - 8.0.1. If this is within a corporate network, and Domino is installed on a windows server, you can use the iisWASPlugin for single sign on to pass credentials to Notes.
What I wondered was if anybody else had tackled this already? If so, how? Comments What I need to do is find which would be the least insecure. Whether they'd work or not I don't know until I've tried them out. Having spent some time thinking about it I've got a few ideas floating about in my head. I need to advise just what the cost is on both sides of the coin. Now though I have a user who really wants this feature, whatever the cost (in terms of actual cost to implement and in terms of lost security). On occasion I'll go on to to suggest that most current browsers give the user the option to remember the form details anyway.
Each time I explain that it's not possible with Domino and, even if it were, it's not advisable. Adding a Remember Me Feature to Domino for Automatic Login Mon Įvery now and then I get asked about adding a "remember me" feature to a Domino login page so that the user doesn't need to remember/enter their name/password each time.