Change Password
I'm still investigating embedded login forms and plan on writing up everything I've found once I get a foolproof solution. Using all the feedback from last Friday and some other bits I've discovered I am some way towards this!
Yesterday I found something that was completely new to me - Change Password forms. Maybe I'm the only person here who didn't know about the $$ChangePasswordForm? Damn, and I call myself a Domino specialist! Well, it's obvious what they do. One box for your old password and two for your new one, you know the kind of thing - every other site has them.
Has Domino got it right? Come on, what do you think! First problem is that, for some reason, the HTTP task caches your old password for 48 hours. Why?! How confusing is that for users! Apparently you can change this to 0 hours for immediate effect. Then there's the message returned by the form. You get a "blank page" that looks like this:
The source to which is:
<html> <head> <meta http-equiv="refresh" content="5; URL=/"></head> <body> <h2>Password change request submitted.</h2></body> </html>
You can customise your own copy of the change password form so that it matches your site's design. But, as far as I can tell, there's no way of avoiding having your page design so rudely ignored by the returned page. The form has a RedirectTo field, but the value of this is merely used as the target for the 5 second redirect. I tried $$Return but that had no effect. Damn it Lotus can you not get anything right.
Anyway, I'll try and put some time aside soon and use this topic to write a well overdue article.
Skip to the 
You can subscribe to an individual
funny, i discovered that command and that form last week. i was going to blog about it.. now it is useless !
I've had that command on my Intranet since we went to 6.0... But I never knew about the HTTP cache - thanks because it's a pain that a user changes the password and the old one is still active. You still have to wait for adminp to process the request too...
You can customize the returned page. Use the third view in your domcfg.nsf - the one titled "Error and Response form mappings", and put your customized response form's name under "Password Change Submitted Responses".
You'll have to take care of the massages and redirection, but it will work. I just did it yesterday actually :)
Mind you, there's another bug in ?ChangePassword, that you lucky english speaking people probably don't have to worry about.
If a login username contains special (non-us-ascii) characters, the login form works OK, but the ChangePassword form fails - reports a "not correct password", although the user just logged in with the exactly same password.
Thanks Matjaz. I take some of it back. Lotus aren't all bad.
Looking at all the hoops you have to jump through, and all the friggin templates you have to override, a manual solution is sounding better all the time.
It's worth considering, especially if your client isn't an all Notes shop and has a central LDAP compliant authentication authority already in use for other applications or webservers. You're effectively running up on the shoals of Domino at full steam with the proveded set of tools.
Also, Domino can prvide LDAP directory services, so breaking your process into two tiers, authentication process (custom login forms and code) and authentication authority(domino LDAP or other LDAP source), gives you built in scalability if the customer expands their infrastructure later on. And you can stop worrying about all this $$ nonsense! :-)
I've always tackled this with a custom form - I have an agent I picked up from somewhere years ago that clears the NLCache on the server after changing the password. At least this way I know (roughly) what to expect!
I hope you write an articule because i didn't know about this.
Does change password functionality work when you're using the Directory Catalog functionality as well? (i.e. usernames not in the main address book, but in seperate ones)
I don't know Hans. Give it a go and see what happens.
I dont think changing the settings on HTTP cache is a good idea ??? It is used by other things, such as iNotes and the caching of static content and documents, so you may be effecting performance in other areas.
For me, when creating a new user, via web, i have tried some api processing which didnt work too well. So now i simply refresh some views, ($Users) & ($ServerAccess), and I find this work immediately.
To change password, I have found that by (1) creating a copy of the existing Person-Document, then (2) removing the existing Person-Document, and (3) refreshing views, then users can log in with the new password almost immediately.
Also, for adding or updating Groups, I also find refreshing some views works really well.
Deleting and recreating the Person-Document is a bit of a hack, but hey, what the f-ck isnt a hack in Domino. (64k limit, bah!).
what about the form that appears when you 'Force user to change Internet Password on next login' ?
The form is a bit different .... where can I edit this one?
Pease give me step by step detaols of using $$chandepasswordform .thanx
Please give me step by step details of using $$chandepasswordform .thanx
$$ChangePasswordForm is the default for Change Password form. So you don't have to set anything to use it, just create the domcfg.nsf database using Domino Web Server Configuration template (advanced templates).
But if you want to use your own custom change password form, then you have to open the domcfg.nsf and add mapping to Change Password, fill the name of the database which contains the custom change password form, and also fill the name of the form.