Manage Learn to apply best practices and optimize your operations.

Secure HTTP Login

How to ensure that your Domino HTTP usernames and passwords are secured during log in. Normal Domino logins are passed via clear text and can be easily captured by sniffers sitting outside of your firewall. This helps to encrypt those logins.
There are 8 steps that I use to ensure that Domino HTTP passwords are encrypted:

1. Enable Session Authentication on the Internet Protocols, Domino Web Engine section of the server document.

2. Follow the instructions in the Domino Administration help to configure and enable SSL.

3. Create a database with a special login form in it. A sample database can be found at
www.notes.net/sandbox.nsf/DownloadPage?OpenForm
Under the Popular downloads, choose the Domino Custom Login Forms database.

4. Upload this database to the data directory on your server with the name DCLF.nsf (can be any name but will use this for example)

5. In the database properties of any database you are publishing via Domino, set the Web Access: Require SSL Connection to yes.

6. Customize one of the forms in DCLF.nsf to your companies colours, logos, etc.

7. Create a Domino Configuration Database named domcfg.nsf (must be in the root). In that database, create a mapping to a custom login form. Point to the DCLF.nsf and form that you set up in steps 3 and 4.

8. Recycle the HTTP service >tell http restart

You will notice that when you go to login, you are presented the form in DCLF.nsf that you modified earlier, you will also notice that SSL has been activiated on your browser. When you login, your User Name and password are now passed to the server under SSL.

Dig Deeper on Lotus Notes Domino Policy Management

SearchWindowsServer

Search400

  • Favorite iSeries cheat sheets

    Here you'll find a collection of valuable cheat sheets gathered from across the iSeries/Search400.com community. These cheat ...

  • HTML cheat sheet

    This is a really cool cheat sheet if you're looking to learn more about HTML. You'll find just about everything you every wanted ...

  • Carol Woodbury: Security

    Carol Woodbury

SearchDataCenter

SearchContentManagement

Close