Domino Authentication - returning JSON data on failure


Though Domino AJAX-type authentication has been done to death (I did my first post on this along with Jerry years ago), one thing has always bothered me: the return from Domino when there is an issue, e.g. an incorrect password or not being authorised.

NB: This solution assumes you want to authenticate with Domino but not have to use a Domino-generated login form.

### Various Solutions

Various bloggers (Jake, Declan and more) have suggested various ways of handling the return from Domino, and I believe OAuth might be supported in 8.54, but if you have access to the domcfg database on the Domino server there might be a simpler way. Somebody might have already blogged this, or it's so obvious no one has bothered, but still…

### Suggested Solution

In the Domino Configuration database (domcfg) you can create an entry that points to a custom login form; I assume you are using session-based authentication. Create this entry to point to a new form within your application. The easiest way is to copy the existing $$LoginUserForm from the design of domcfg.nsf. (The form needs to have Read Public access on it, and your ACL needs to allow anonymous users to have Read Public access.)

Edit this form and change the content type in the form properties to application/json.


Next copy the computed value and then get rid of the rest of the form except for the hidden fields at the bottom.

Finally, add some JSON text to wrap around the computed value:

{"loggedin":false,"loginError":}

### The Redirect

The next thing to add is somewhere for the redirect to point to.  This could be anything but I find a simple page with a content type of application/json along with the following JSON data works for me.

{ "loggedin":true, "user":{ "username":"", "accesslevel":"", "delete":, "roles":[] } }

### The Result

The actual usage is now trivial: from whatever client technology you are using (assuming it can work with JSON data), perform a normal HTTP POST to your custom database using the URL http://myserver/mydb.nsf?login and pass username, password and redirect values as parameters. Check the returned result: if the loggedin property is present, check whether it is false. If it is, display loginError; otherwise, in my case, I can hold a reference to my user object, which is returned on the redirect.

### Session timeouts

By default, sessions on Domino time out in 30 minutes, and though this can be changed you should cover yourself for the event that a session has timed out. NB: This is probably more of an issue for desktop technologies like Adobe Air or Chrome extensions.

The best method is to always check the result of any AJAX call to the Domino server for the existence of a loggedin property and, if it exists, whether it is false. If it is, the user is not logged in, so proceed with your login process.
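
A client-side sketch of the login call from "The Result" and the per-reply check from "Session timeouts", added here as an example and not code from the original post. The function names, the lowercase field names (username, password, redirectto) and the refusal to post over plain HTTP are assumptions of this example.

```javascript
// Added example: function names are hypothetical, not from the original post.

// Build the POST to ?login. Field names are assumed to match the hidden
// fields kept on the custom login form.
function buildLoginRequest(dbUrl, username, password, redirectTo) {
  const url = new URL(dbUrl);
  if (url.protocol !== 'https:') {
    // Check added here: the password travels in the request body.
    throw new Error('refusing to send credentials over ' + url.protocol);
  }
  url.search = '?login';
  const body = new URLSearchParams({ username, password, redirectto: redirectTo });
  return {
    url: url.toString(),
    options: {
      method: 'POST',
      credentials: 'include', // keep the Domino session cookie
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body.toString(),
    },
  };
}

// Classify a reply using the two JSON shapes defined on this page. Run it on
// every AJAX reply so an expired session is noticed, not parsed as data.
function classifyReply(contentType, text) {
  if (!/^application\/json\b/i.test(contentType || '')) {
    return { state: 'unexpected' }; // e.g. HTML: the custom form is not in use
  }
  let data;
  try { data = JSON.parse(text); } catch (e) { return { state: 'unexpected' }; }
  if (data === null || typeof data !== 'object') return { state: 'unexpected' };
  if (!('loggedin' in data)) return { state: 'data', data };
  if (data.loggedin === false) {
    // loginError is server text: display it with textContent, not innerHTML.
    return { state: 'login-required', error: String(data.loginError || '') };
  }
  if (data.loggedin === true) return { state: 'logged-in', user: data.user };
  return { state: 'unexpected' };
}

// fetchImpl is injected (window.fetch in a browser) so this can be tested offline.
async function dominoLogin(fetchImpl, dbUrl, username, password, redirectTo) {
  const req = buildLoginRequest(dbUrl, username, password, redirectTo);
  const res = await fetchImpl(req.url, req.options);
  return classifyReply(res.headers.get('content-type'), await res.text());
}
```

A reply in the 'unexpected' state, such as an HTML page where JSON was expected, is best treated the same as 'login-required' rather than passed on to application code.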