How to modify the splash image and log-in form

The standard Process Commander log-in form identifies Pegasystems Inc. and the Process Commander product in an image.

In your setting, an image or text that identifies your organization or the application may be more appropriate.

In addition, you can change the text or layout of the log-in form, or change the authentication processing performed upon log-in.

Process Commander presents this sign-on form to guest requestors — users who have started the PRServlet servlet but are not yet authenticated. The RuleSet lists of guest users are limited to those RuleSets and versions listed in an access group listed in the BROWSER requestor type.

1. Create a new access group for unauthenticated users, for example Unauthenticated.
2. Create an application RuleSet to hold the additional rules to be available to guest users. (For security reasons, don't use an existing RuleSet that contains other parts of your application to hold these.) For example, you can call the new RuleSet version MyCorpSplash:01-01-01.
3. Open the new access group instance. Insert MyCorpSplash:01-01-01 into the Production RuleSets array.
4. Save the Access Group form.
5. Add the new access group to the BROWSER requestor type. Ensure that the radio button next to this access group.

Promptly after you complete and test any log-in changes for your application, update the RuleSet Version to secure it with a password. This prevents accidental additions of more rules to the RuleSet — additions that might inappropriately become available to unauthenticated guest users.

You may need to repeat steps 3 and 4 after your Process Commander system is upgraded or refreshed, because the upgrade process may overwrite Data-Admin-Requestor instances.

The standard splash page is comprised of the following images:

To edit the component images,

1. Using Paint, Adobe Photoshop, or any similar workstation software of your choice, prepare an image of the appropriate dimensions with colors and content of your choosing. Save each image on your workstation with a matching file name and extension.
2. Sign on to Process Commander. Open the standard binary file rule you wish to replace.
3. Use the Save As toolbar button () to make a copy of this standard rule in your new RuleSet, version 01-01-01. Don't change the name.
4. Click  Upload File   and navigate to upload the custom image.
5. Save the Binary File form.
6. The rule containing the new image is now available to guest users. However, your workstation browser cache and Process Commander's static content cache may contain the older, standard image19.gif. To clear your workstation cache (when using Internet Explorer), sign off from Process Commander, close any windows that display the image, and choose Tools > Internet Options > General > Temporary Internet Files > Delete.
7. To clear the static content cache, select > System > Tools > System Management App to start the System Management application. You may be prompted for authentication credentials.
8. In the System Management application window, choose the current node. Then select Advanced > ETier Static Content Management.
9. Click the  Delete Rule-File and ServiceExport   button to delete image19.gif and other binary files from the static content cache. Process Commander re-extracts them from the binary file rules as needed.
10. Sign off and sign on again to see the updated image.

The standard HTML rule named @baseclass.Web-Login defines the HTML code that presents the log-in form. You can override this to change the layout, wording, fonts, and colors used in the form. This procedure requires two workstations.

1. Open the standard HTML rule named @baseclass.Web-Login.
2. Use the Save As toolbar button () to make a copy of this standard rule in your new RuleSet, version 01-01-01. Don't change the rule name.
3. Alter the content of the HTML tab as desired to present the desired text, colors, and layout. Don't alter the directives, the <FORM> element, or the <INPUT> elements. Don't change the activity name referenced in the Submit button.
4. Save the HTML form.
5. Perform Steps 6 and 7 from a different workstation, in case the new log-in form is incorrect and prevents anyone from signing-on. Remain logged in on the first workstation.
6. At the second workstation, clear the browser cache (for Internet Explorer, use Tools > Internet Options > General > Temporary Internet Files > Delete).
7. At the second workstation, enter the sign on URL to see and test the new form.
8. At the first workstation, revise the HTML rule again until you are satisfied with the new layout and appearance, always testing on the second workstation.

The standard activity Code-Security.Login defines authentication for browser-based users. Rather than overriding this sophisticated standard activity, you can alter the Submit button of the HTML form to call your activity that in turn calls the standard activity.

Use caution when developing and testing this processing. Design or coding errors may produce a dangerous or costly situation:

• The new authentication processing might prevent everyone from logging in, even to restore standard behavior.
• The new processing is defective such that guest users can perform processing not intended for them.
• Users with invalid credentials can sign on.

Also see the Pega Developer Network article PRKB-25724 How to temporarily disallow new interactive logins with a Dynamic System Setting.

The standard HTML rule @baseclass.Web-Session-Return defines the appearance of the log out form. You can override this rule to suit local needs. The RuleSet containing your log out form must be available to guest requestors. H-18 Vidoni

See these Pega Developer Network articles:

• PRKB-26114 How to customize the login screen
• PRKB-25724 How to temporarily disallow new interactive logins with a Dynamic System Setting