Page 1 of 1
Atrium Expired Password handling
Posted: Mon Dec 07, 2015 9:49 am
by arora.saurabh
Hello,
We are getting continuous request from our users about the account lock as the Atrium did not warn/inform about the Expired password.
We have already set the data area profoundUI/PUIPWDMGT to '1'.
On analysis, we found that if we use the URL
http://server:8080/profoundui/atrium, browser warn about the expired password and prompt to change it but if we use the URL
http://server:8080/profoundui/atrium/menu, then browser do not show any warning about the expired password. It keeps on showing the login screen again and again.
Request you to please advice how we can handle accounts being locked in case users use the other URL.
Thanks in advance !!
Thanks,
Saurabh Arora
Re: Atrium Expired Password handling
Posted: Mon Dec 07, 2015 10:45 am
by Scott Klement
When you use the /profoundui/atrium URL, you are using Profound Logic's sign-on screen for Atrium. We have written code there that will handle expired passwords.
When you use the /profoundui/atrium/menu link, you are bypassing Profound's sign on, and instead using the browser's built-in authentication system. We do not have a way to change the code there, since it is built-in to the browser. As such, we do not have any way to control how it works with expired passwords.
We would recommend using the /profoundui/atrium URL.
Re: Atrium Expired Password handling
Posted: Tue Jan 19, 2016 3:19 pm
by cp4cartman
I want to follow up on this.
We have our "users" landing on the /profoundui/atrium URL. They log in, and it takes them to the menu site. What we have happening, is they are book-marking the /menu page. Sounds identical to the initial question.
Our issue, is that we don't have any way to force them to re-bookmark. Is there any way to stop them from bookmarking the /menu page? Or, if they do, to actually bookmark the /profoundui/atrium site instead?
This is a real problem for us, and as we drive more of our users to the Atrium site, it will become more of an issue.
Re: Atrium Expired Password handling
Posted: Wed Jan 20, 2016 5:36 pm
by Scott Klement
Hmm... maybe create an HTML page that hides the real URL by putting it into a frame? I haven't tried that, but it might be worth a try.
Re: Atrium Expired Password handling
Posted: Wed Jan 20, 2016 6:29 pm
by Scott Klement
Okay, I tried this quick, and it seemed to work. Here's what I did:
1) Create a new IFS file named /www/YOUR-INSTANCE/htdocs/atrium.html
2) In that IFS file, put the following:
Code: Select all
<!DOCTYPE html>
<html>
<head>
<title>PFG Atrium</title>
</head>
<frameset rows="100%,*" border="0">
<frame src="/profoundui/atrium" frameborder="0" />
<frame frameborder="0" noresize />
</frameset>
</html>
3) Don't tell your users about the regular /profoundui/atrium link, instead have them always point their browsers at http://your-system:port/atrium.html
When this runs, the atrium.html file that you just created will always be the one they see in their URL bar, and if they bookmark it, it'll always point to the atrium.html file. Under the covers, of course, it runs the /profoundui/atrium link, which still switches to /profoundui/atrium/menu -- but the user will never see this and will not be able to bookmark it.
Hope that helps