How to modify the splash image and log-in form

The standard PRPC log-in form includes:

• The PRPC product name
• Version level of the product
• A footer containing:
  • System node description
  • Build identifier for the code build on which the installed version is based
  • Pegasystems copyright and trademark information

In your setting, an image or text that identifies your organization or the application may be more appropriate.

In addition, you can change the text or layout of the log-in form, or change the authentication processing performed upon log-in.

In the footer of the log-in form, the text for the system node is the short description of the System Node form.

To customize the displayed System Node text:

1. Click > System > General > Systems, Nodes, Requestors.
2. Scroll down to the Nodes section.
3. In the Node Name column, click the name of the node that has the arrow next to it. This is the current node. The System Node form opens.
4. In the Short Description field of the System Node form, enter the text that you want displayed for the System Node portion of the log-in form's footer.
5. Save the form.

To see the changes, log out, and then return to the log-in form in your browser.

In a multinode cluster, repeat steps 3 through 5 for each node listed in the Nodes section of the Systems, Nodes, Requestors gadget.

PRPC presents this sign-on form to guest requestors — users who have started the PRServlet servlet but are not yet authenticated. The RuleSet lists of guest users are limited to those RuleSets and versions listed in an access group listed in the BROWSER requestor type.

1. Create a new access group for unauthenticated users, for example Unauthenticated.
2. Create an application RuleSet to hold the additional rules to be available to guest users. (For security reasons, don't use an existing RuleSet that contains other parts of your application to hold these.) For example, you can call the new RuleSet version MyCorpSplash:01-01-01.
3. Open the new access group instance. Insert MyCorpSplash:01-01-01 into the Production RuleSets array.
4. Save the Access Group form.
5. Add the new access group to the BROWSER requestor type. Ensure that the radio button next to this access group.

Promptly after you complete and test any log-in changes for your application, update the RuleSet Version to secure it with a password. This prevents accidental additions of more rules to the RuleSet — additions that might inappropriately become available to unauthenticated guest users.

You may need to repeat steps 3 and 4 after your PRPC system is upgraded or refreshed, because the upgrade process may overwrite Data-Admin-Requestor instances.

The standard splash page is comprised of the following images:

To edit the component images,

1. Using Paint, Adobe Photoshop, or any similar workstation software of your choice, prepare an image of the appropriate dimensions with colors and content of your choosing. Save each image on your workstation with a matching file name and extension.
2. Sign on to PRPC. Open the standard binary file rule you wish to replace.
3. Use the Save As toolbar button () to make a copy of this standard rule in your new RuleSet, version 01-01-01. Don't change the name.
4. Click  Upload File   and navigate to upload the custom image.
5. Save the Binary File form.
6. The rule containing the new image is now available to guest users. However, your workstation browser cache and PRPC's static content cache may contain the older, standard image19.gif. To clear your workstation cache (when using Internet Explorer), sign off from PRPC, close any windows that display the image, and choose Tools > Internet Options > General > Temporary Internet Files > Delete.
7. To clear the static content cache, select > System > Tools > System Management App to start the System Management application. You may be prompted for authentication credentials.
8. In the System Management application window, choose the current node. Then select Advanced > ETier Static Content Management.
9. Click the  Delete Rule-File and ServiceExport   button to delete image19.gif and other binary files from the static content cache. PRPC re-extracts them from the binary file rules as needed.
10. Sign off and sign on again to see the updated image.

The standard HTML rule named @baseclass.Web-Login defines the HTML code that presents the log-in form. You can override this to change the layout, wording, fonts, and colors used in the form. This procedure requires two workstations.

1. Open the standard HTML rule named @baseclass.Web-Login.
2. Use the Save As toolbar button () to make a copy of this standard rule in your new RuleSet, version 01-01-01. Don't change the rule name.
3. Alter the content of the HTML tab as desired to present the desired text, colors, and layout. Don't alter the directives, the <FORM> element, or the <INPUT> elements. Don't change the activity name referenced in the Submit button.
4. Save the HTML form.
5. Perform Steps 6 and 7 from a different workstation, in case the new log-in form is incorrect and prevents anyone from signing-on. Remain logged in on the first workstation.
6. At the second workstation, clear the browser cache (for Internet Explorer, use Tools > Internet Options > General > Temporary Internet Files > Delete).
7. At the second workstation, enter the sign on URL to see and test the new form.
8. At the first workstation, revise the HTML rule again until you are satisfied with the new layout and appearance, always testing on the second workstation.

The standard activity Code-Security.Login defines authentication for browser-based users. Rather than overriding this sophisticated standard activity, you can alter the Submit button of the HTML form to call your activity that in turn calls the standard activity.

Use caution when developing and testing this processing. Design or coding errors may produce a dangerous or costly situation:

• The new authentication processing might prevent everyone from logging in, even to restore standard behavior.
• The new processing is defective such that guest users can perform processing not intended for them.
• Users with invalid credentials can sign on.

Also see the PDN article 25724 How to temporarily disallow new interactive logins with a Dynamic System Setting.

The standard HTML rule @baseclass.Web-Session-Return defines the appearance of the log out form. You can override this rule to suit local needs. The RuleSet containing your log out form must be available to guest requestors.

See these PDN articles:

• 26476 How to customize the log-out screen
• 26114 How to customize the login screen
• 25724 How to temporarily disallow new interactive logins with a Dynamic System Setting