Secure Custom Web Application Logins

In addition to its recommended support for REST applications, InterSystems products support two types of legacy web applications: CSP and Zen. When configuring custom login pages that use CSP and Zen, it is important that you follow recommended protocols. These protocols provide greater security and minimize incompatibilities on upgrades to new products or versions.

About Creating a Custom CSP Login Page

To create a custom CSP login page:

  1. Ensure that the Web Gateway user (CSPSystem) has permission to read the database where the custom login page is located. Assign the desired database resource to an appropriate role, and then assign that role to the CSPSystem user.

  2. Create a subclass of the %CSP.Login page.

  3. To customize your application’s behavior, override the subclass’s Draw methods, so that the page looks how you want. These include methods that modify the appearance of the login page and methods that modify the appearance of the security token page (if you are using two-factor authentication):

    Note that the DrawTitle and DrawSTTitle methods call the DrawTitleSection method.

  4. Invoke the subclass as needed in your application.

Important:

When creating a custom login page, you must use a subclass of %CSP.Login. Other approaches for creating login pages in CSP applications can cause problems of various kinds.

If you have written custom login pages that do not use a subclass of %CSP.Login and you apply any changes from InterSystems that upgrade or secure your instance, your login pages may fail without error messages. For example, users may attempt to log in with valid usernames and passwords, but their logins will fail without any visible cause. This situation may indicate that you need to change your custom login to use the required approach.
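
The subclassing pattern from the procedure above, as an added example that is not InterSystems code: it overrides only Draw methods, so the authentication logic inherited from %CSP.Login stays untouched. The class name MyApp.Login, the helper WriteBrandedTitle, the markup, and the pTitle parameter of the two Draw methods are assumptions; check the %CSP.Login class reference for the exact signatures in your version.

```objectscript
/// Hypothetical custom login page; the class name is an assumption for this example.
Class MyApp.Login Extends %CSP.Login
{

/// Title of the login page.
/// The signature (pTitle As %String) is assumed; this override replaces
/// the inherited call to DrawTitleSection with custom markup.
ClassMethod DrawTitle(pTitle As %String)
{
    Do ..WriteBrandedTitle(pTitle, "Sign in")
}

/// Title of the security token page shown during two-factor authentication.
/// Same assumed signature as DrawTitle.
ClassMethod DrawSTTitle(pTitle As %String)
{
    Do ..WriteBrandedTitle(pTitle, "Enter your security token")
}

/// Helper added for this example (not part of %CSP.Login).
/// Everything written to the page is HTML-escaped, so a title value
/// can never introduce markup or script into the login page.
ClassMethod WriteBrandedTitle(pTitle As %String, pHint As %String) [ Private ]
{
    Write "<div class=""login-title"">",!
    Write "<h1>", $ZCONVERT(pTitle, "O", "HTML"), "</h1>",!
    Write "<p>", $ZCONVERT(pHint, "O", "HTML"), "</p>",!
    Write "</div>",!
}

}
```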

About Creating a Custom Zen Login Page

When creating a custom Zen login page, use the <loginForm> component in accordance with the procedure described in the “Controlling Access to Applications” section of the “Zen Security” chapter of Developing Zen Applications.

Important:

When creating a custom login page, you must use the <loginForm> component. Other approaches for creating login pages in Zen applications can cause problems of various kinds.

If you have written custom login pages that do not use the <loginForm> component and you apply any changes from InterSystems that upgrade or secure your instance, your login pages may fail without error messages. For example, users may attempt to log in with valid usernames and passwords, but their logins will fail without any visible cause. This situation may indicate that you need to change your custom login to use the required approach.