When the form loads, it is automatically redirected to a login agent that sits in a secure database. The code to redirect the page is hidden if the agent has already been called (determined through the RedirectTo field). This will result in the user logging in to use the agent and then continuing on to the agent to drop the cookie. The agent will then redirect the user to the secure URL they were trying to go to in the first place. This all happens in a second.
In passthrough HTML on the top of the form:
<head><meta http-equiv="Refresh" content="0 url=/yourpath/yourdatabase.nsf/AgentName?OpenAgentℜdirectTo=FIELD(d_RedirectTo)FIELD"></head>
The code has a hide-when value of:
The "FIELD" represents the actual field, "d_RedirectTo" which has a computed for display value of the RedirectTo field. (Domino will populate this field with the URL the user was trying to get to before prompted to login.
The redirection code will now put the URL the user was trying to reach in the query string after "ℜdirectTo=". Before finished running, the agent will parse the query string and redirect the user with the following code:
One more thing! Make sure you allow anyone allowed to log in to run this agent. Putting "*/YourCompany" as Reader in the ACL will be good enough.