Logon page tailoring

The logon page that is presented to users of the web client or FDA users requesting external authentication can be easily tailored according to local requirements by a system administrator. Certain options will require a Windows administrator.

The example below shows a tailored logon page with tailoring options noted in the ballon captions.

Image
Example of a tailored logon page with tailoring options noted

To tailor the logon page

The FileHold tag line at the bottom of the logon panel and the FileHold logo in the bottom right of the screen cannot be changed unless you have the web client rebranding option in your license. The client version information on the bottom of the logon panel will change to match the client that is initiating the logon.

  1. In the Web Client, go to Administration Panel > System Configuration > Security > Logon page tailoring.
  2. Click the large screen or small screen tabs to change the background.
  3. When you have selected an image, a thumbnail will appear in the field. If you would like to select a new image, first delete the thumbnail by clicking the X at the right of the field.
  4. Edit any values in the fields matching the captions in the diagram.
  5. When using the local login option, the Disable show password button provides the administrator with the ability to prevent the user from pressing the eye icon to show their password in clear text for environments where someone can look over the user’s shoulder.
  6. HTML and CSS markup can be used in the fields with “HTML” next to their name. Note that the markup is not validated in the administration screen.
  7. There will be two fields on the page for each provider configured in the AuthenticationProviders JSON object. These values are used to form the button the user presses to select the login method in the login panel. The first is the image and the second is the text that appears next to the image on the button.
  8. Click Save.

The authentication methods listed and their order is dependent on settings in the WC3\appsettings.json on the application server. Specifically, the AuthenticationProviders object properties: Order and Disable.

FileHold Cloud customers that wish to reorder their authentication options should contact [email protected].

The following sample appsettings.json file illustrates how the providers are ordered.

"AuthenticationProviders": {
    "LocalLogin": {
      "Type": "LocalLogin",
      "Order": 2
    },
    "WindowsIdentityProvider": {
      "DisplayName": "Windows Authentication",
      "Type": "RemoteSession",
      "Order": 2,
      "Disable": true,

      "Properties": {
        "Authority": "https://myfileholdserver.com/FH/FileHold/UserRoleManager/WindowsLogin.aspx",
        "CallbackPath": "/signin-iwa"
      }
    }
    "Azure": {
      "Type": "MicrosoftIdentity",
      "Order": 4,
      "Disable": true,

      "Properties": {
        "Instance": "https://login.microsoftonline.com/",
        "ClientId": "fadb2fc8-8efe-4e34-933a-ac5de60edce9",
        "TenantId": "a9113f40-45ec-433d-a4d8-10e660b6fea8",
        "CallbackPath": "/signin-microsoft"
      }
    }
    "secure-auth": {
      "DisplayName": "Secure Auth",
      "Type": "OpenIdConnect", 
      "Order": 1,
      "Disable": false,

      "Properties": {
       "Authority": "https://secauthportal.mycompanyauthserver.com/Secureauth125",
       "MetadataAddress": "https://secauthportal.mycompanyauthserver.com/SecureAuth125/.well-known/openid-configuration",
       "ClientId": "74ea2d63db134cd785ea3396feebd3ac", 
       "ClientSecret": "c19f96aebb874dddab965b8ad6c0c264c19f96aebb894dddab965b8ad6c0c264", 
       "CallbackPath": "/signin-secureauth", 
       "ClaimsIssuer": "secauthportal.mycompanyauthserver.com"
      }
   }
}