Skip to main content

%CSP.Login

Class %CSP.Login Extends %CSP.Page [ System = 3 ]

Provide a default login and security-token pages for CSP applications. User can override the look of this page by creating a subclass and overriding the DrawTitle method and the LOGINTITLE parameters.

CORS processing for CSP pages that do not inherit from %CSP.REST is also provided here. To turn on CORS assign the application's login page to be a subclass %CSP.Login that has the HandleCorsRequest parameter = 1. In addition, OnHandleCorsRequest and/or OnHandleOptionsRequest methods may be overridden in order to override the default behavior for the application.

Parameters

HandleCorsRequest;

Parameter HandleCorsRequest;

This parameter influences the CORS support for the CSP application that has this login page assigned. If set to true (1) then CORS processing is ON. Otherwise CORS processing is OFF.

STYLESHEET;

Parameter STYLESHEET;

Name of stylesheet used for login page.
Not used by default page: styles come from the DrawSTYLE method.

LOGINTITLE

Parameter LOGINTITLE = "Login Page";

Title displayed for login page.
Users can override this value to customize the login page.

FAVORITEICON

Parameter FAVORITEICON As COSEXPRESSION = "$$$ISCFAVORITEICON";

Home favorite icon.

DOMAIN

Parameter DOMAIN = "%UtilityLogin";

Login page localization domain

Methods

OnPage

ClassMethod OnPage() As %Status

Output the default login page as HTML

OnLoginPage

ClassMethod OnLoginPage() As %Status

DrawHEAD

ClassMethod DrawHEAD(pTitle = "")

Draw the HEAD section of the login page.
Users can override this method to customize the login page.

DrawTitle

ClassMethod DrawTitle(pTitle As %String)

Draw the title section of the login page.
pTitle is the title for the page.
Users can override this method to customize the login page.

DrawSTTitle

ClassMethod DrawSTTitle(pTitle As %String)

Draw the title section of the security token page.
pTitle is the title for the page.
Users can override this method to customize the security token page.

DrawTitleSection

ClassMethod DrawTitleSection(ByRef msgs As %String)

Draw the title section of the page.
pTitle is the title for the page.
Users can override this method to customize the page title section.

OnErrorSetup

ClassMethod OnErrorSetup(ByRef skipheader As %Boolean) As %Boolean [ ProcedureBlock = 1 ]

OnSecurityTokenPage

ClassMethod OnSecurityTokenPage() As %Status

DrawSTHEAD

ClassMethod DrawSTHEAD()

Draw the HEAD section of the security token page.
Users can override this method to customize the security token page.

DrawCSS3STYLE

ClassMethod DrawCSS3STYLE()

Draw the style definitions for the login page.
Users can override this method to customize the login page.

DrawSTYLE

ClassMethod DrawSTYLE()

Draw the style definitions for the login page.
Users can override this method to customize the login page.

ProcessCorsRequest

ClassMethod ProcessCorsRequest(url As %String, requireCors As %String = "") As %Status [ Internal, Private ]

Determine if this request requires CORS processing and if so, dispatch to OnHandleCorsRequest

OnHandleOptionsRequest

ClassMethod OnHandleOptionsRequest(url As %String) As %Status

This methods provides handling of the options request for this CSP application. Note carefully: If authentication is required then this method will be called before login and as such will have only limited privileges.

HandleDefaultOptionsRequest

ClassMethod HandleDefaultOptionsRequest(url As %String) As %Status [ Internal, Private ]

Handle an OPTIONS request for this CSP application

OnHandleCorsRequest

ClassMethod OnHandleCorsRequest(url As %String) As %Status

This is the CORS request handler. User should override this method in their login page if they don't want the default behavior.

HandleDefaultCorsRequest

ClassMethod HandleDefaultCorsRequest(url As %String) As %Status [ Internal, Private ]

Provide reasonable default handling for a CORS-enabled request for those who 'JUST WANT IT TO WORK'. The allowlist must be populated and the origin must be found in the allowlist for CORS headers to be added to the response.

SupportedVerbs

ClassMethod SupportedVerbs(url, Output verbs As %String) As %Status

By default all methods are supported.

OnPreHTTP

ClassMethod OnPreHTTP() As %Boolean [ ServerOnly = 1 ]

Determine if we need login CSRF tokens and if so add them. If a login page subclass overrides this method it should call this implementation to ensure we set the login CSRF tokens if needed.