I use IIS (on a Win 2K server) and Domino 6.5 to provide a better user
experience.
Instead of the user getting a logon prompt if they have inadequate permissions
(or are not found in the NAB) they get a friendly web page explaining the
position and what they might do about it.
I'm assuming you are using IIS in a Windows Server (Domain) environment, so IIS
will authenticate the user and pass to Domino the NT logon name, in the format
Domain\Logon, which must exist in the NAB as one of your user names. Domino
'translates' the synonym back to the primary Notes name. In this way users are
not presented with logon prompts.
But if a user has inadequate permissions to access a database then they WOULD
normally be promted for a logon - which doesn't help in an IIS environment
because you're already logged on.
To avoid this, follow these steps:
1. Apart from the usual ACL entries, set the DEFAULT entry with NOACCESS but
with Read AND Write public documents. Assign this ACL entry a ROLE of
'[Unauthorised]' (or any other name you like).
2. Ensure the initial launch page of your database is available to Public users.
So far, this ensures that ANYONE will at least get to the launch page - which
does not need to be a true launch or home page at all. Thus:
3. In the public access home page, run an OnLoad function that checks the
current user's role. Eg: if (document.getElementById("UserRole").innerText ==
"[Unauthorised]") ... which looks at the value of a CFD field in a named SPAN
or DIV block that is set to 'display:none' in its style.
4. If the user does not have the Role set then just forward them to the real
home page via a simple 'window.top.location' or similar.
5. Unauthorised users stay on the initial home page and you can make a DIV
block visible that explains they do not have the necessary permissions, or that
they could not be authenticated etc and what they should do about it.
6. In this way, a user will never see a logon prompt (which just confuses them)
when permissions are inadequate on a database.
I use this all the time now and users end up with a much better experience!
I use IIS (on a Win 2K server) and Domino 6.5 to provide a better user experience.
Instead of the user getting a logon prompt if they have inadequate permissions (or are not found in the NAB) they get a friendly web page explaining the position and what they might do about it.
I'm assuming you are using IIS in a Windows Server (Domain) environment, so IIS will authenticate the user and pass to Domino the NT logon name, in the format Domain\Logon, which must exist in the NAB as one of your user names. Domino 'translates' the synonym back to the primary Notes name. In this way users are not presented with logon prompts.
But if a user has inadequate permissions to access a database then they WOULD normally be promted for a logon - which doesn't help in an IIS environment because you're already logged on.
To avoid this, follow these steps:
1. Apart from the usual ACL entries, set the DEFAULT entry with NOACCESS but with Read AND Write public documents. Assign this ACL entry a ROLE of '[Unauthorised]' (or any other name you like).
2. Ensure the initial launch page of your database is available to Public users.
So far, this ensures that ANYONE will at least get to the launch page - which does not need to be a true launch or home page at all. Thus:
3. In the public access home page, run an OnLoad function that checks the current user's role. Eg: if (document.getElementById("UserRole").innerText == "[Unauthorised]") ... which looks at the value of a CFD field in a named SPAN or DIV block that is set to 'display:none' in its style.
4. If the user does not have the Role set then just forward them to the real home page via a simple 'window.top.location' or similar.
5. Unauthorised users stay on the initial home page and you can make a DIV block visible that explains they do not have the necessary permissions, or that they could not be authenticated etc and what they should do about it.
6. In this way, a user will never see a logon prompt (which just confuses them) when permissions are inadequate on a database.
I use this all the time now and users end up with a much better experience!