3Custom Login and Logout

Require a Login for Customer Portal Pages

You can add a login requirement to any customer portal page to require that customers be authenticated through the external login page before accessing the customer portal page.

Note: The CP_FORCE_PASSWORDS_OVER_HTTPS configuration setting requires all logged-in customer portal activity to occur over HTTPS. If this setting is enabled, which it is by default, pass-through authentication requests must be sent using HTTPS to ensure that information is being sent securely.
  1. To require login on the Support Home page, edit the home.php file by adding login_required="true" to the meta tag line of the page code. Your modified code might look like the following:

    <rn:meta title="#rn:msg:SHP_TITLE_HDG#" template="standard.php" clickstream="home" login_required="true" />
  2. To require a login on for any of these pages, edit the page’s.php file to add login_required="true" to the meta tag line of the page code as you did in the previous step.

    • error.php – Prevents customers from seeing PTA-specific error codes.

    • answers/detail.phpanswers/detail.php – Prevents customers from viewing answer details.

    • answers/list.php – Prevents customers from viewing the Answers page.

    • chat/chat_landing.php – Prevents customers from participating in a chat session with an agent.

    • chat/chat_launch.php – Prevents customers from requesting a chat session.

  3. If you have specified a value for PTA_EXTERNAL_LOGIN_URL, repeat Step 1 for the utils/login_form.php file.

    Caution: Do not edit this file if PTA_EXTERNAL_LOGIN_URL is blank.

How You Require Customers to Log Out From the Customer Portal

You can require customers who log in to your customer portal from an external site to also log out from the external site.

If you do, the Logout link is removed from the customer portal. Customers who log out from the external site must be redirected to the ci/pta/logout page, where all cookies are cleared and customers are logged out of the customer portal. Customers do not see this page, but are instead directed to the page defined in the PTA_EXTERNAL_ POST_LOGOUT_URL configuration setting after they log out of the customer portal. This might be your external home page, for example, or a page with a message that confirms successful logout.

You can also allow customers to log out from the customer portal even when they have logged in from an external site using pass-through authentication. The PTA_EXTERNAL_ LOGOUT_SCRIPT_URL configuration setting defines the page where customers are directed after logging out of the customer portal, and it allows the display of the Logout link on the customer portal. (If this setting is blank, customers cannot log out of the customer portal because no Logout link is displayed. In this case, they must log out through the external site instead.) When customers click the Logout link, they are logged out of the customer portal and directed to the external URL specified in the PTA_EXTERNAL_LOGOUT_SCRIPT_URL configuration setting. Your code defines what happens next. For example, you might log customers out of your external site automatically when they log out of customer portal. In that case, customers can be directed to the page specified in the PTA_EXTERNAL_POST_LOGOUT_URL configuration setting.

How You Implement a Customer Login Script

To develop a login-parameters integration, you must embed code within your login script to format a URL that passes data from your external validation source to the customer portal.

The embedded code can be written in any scripting language, including PHP, JSP, or ASP. The login parameters from the external validation source must be placed in the customer portal URL and must be encoded using Base 64 encoding. In addition to using the Base 64 function, certain characters must also be replaced in the URL (+ becomes _, / becomes ~, and = becomes *).

Note: You must use a login script for every link from your website to the customer portal. If contacts exit the customer portal and re-enter later in their session, they are not automatically logged in. Therefore, we recommend that all links to the customer portal contain pass-through data.

URLs use this format: http://your_domain/ci/pta/login/redirect/answers/list/p_li/encoded_login_parameters

Note: You can replace answers/list with any customer portal page (for example, home), or use the p_next_page parameter to return customers to their original customer portal page.

The PTA controller accepts the p_li encrypted password parameter with either a GET or POST request. The POST parameter is checked only if p_li is not part of the URI (uniform resource identifier).

The parameters that can be passed to the customer portal are detailed in the table. Each parameter represents the associated field in the contacts table of the Oracle database. For additional parameters that can be passed to the customer portal, see Additional Parameters.

Table Parameter-Field Associations

Parameter

Field in contacts table

Notes

p_userid

login

This parameter is required to log in and create a contact record. It cannot be updated with pass-through authentication.

p_passwd

password

This parameter is required to log in and create a contact record or log in as an existing contact. It cannot be updated through pass-through authentication. The value can be null.

This parameter is ignored when the PTA_IGNORE_CONTACT_PASSWORD configuration setting is enabled. See How You Enable Dual-Mode Login.

p_email.addr

email

This parameter is required to log in and create a contact record. Its value must be unique.

p_title

title

p_name.first

first_name

p_name.last

last_name

p_alt_name.first

alt_first_name

p_alt_name.last

alt_last_name

p_email_alt1.addr

email_alt1

p_email_alt2.addr

email_alt2

p_addr.street

street

p_addr.city

city

p_addr.postal_code

postal_code

This parameter must not contain special characters. (For example, 59715-1111 should be passed as 597151111.)

p_addr.country_id

country_id

This parameter must be passed as a country’s ID number. See How You Find Code Numbers and Report IDs.

p_addr.prov_id

prov_id

This parameter must be passed as a state or province’s ID number. See How You Find Code Numbers and Report IDs.

p_ph_office

ph_office

p_ph_mobile

ph_mobile

p_ph_fax

ph_fax

p_ph_asst

ph_asst

p_ph_home

ph_home

How You Log Out of Pass-Through Authentication with Communities Disabled

When Social Experience communities are disabled, customers can log out of the external site or the customer portal.

Logging out of the external site works normally: After customers log out from the external site, the customer portal logout page is invoked, clearing cookies and logging out the customer, who is redirected to the page specified in the PTA_EXTERNAL_POST_LOGOUT_URL configuration setting. This setting must contain the fully qualified URL of the page you want to redirect customers to.

When communities are disabled and customers click the Logout link on the customer portal, they are logged out of the customer portal and redirected to the page defined by the PTA_EXTERNAL_LOGOUT_SCRIPT_URL configuration setting. This page is the page that logs customers out of the external site, and you can pass a source page parameter to send customers back to the page they were on when they logged out. You also can send them to any other page.

How You Log Out of Pass-Through Authentication with Communities Enabled

When Social Experience communities are enabled, customers can log out from the external site, the customer portal, or the community.

Logging out of the external site is the same whether communities are enabled or not, except that customers are also logged out of the communities in the process.

When customers click the Logout link on the customer portal, they are directed to the community logout script using the source page parameter in the PTA_EXTERNAL_LOGOUT_SCRIPT_URL configuration setting. Customers are then logged out of the external site and redirected to PTA_EXTERNAL_LOGOUT_SCRIPT_URL. This setting must contain the fully qualified URL of the page you want to redirect customers to.

When customers click the communities logout link, they are logged out of the communities, redirected to a logout page for the customer portal (ci/social/logout), logged out of the customer portal, and then redirected to the page specified in PTA_EXTERNAL_LOGOUT_SCRIPT_URL.

Note: The code for communities must be modified to pass the encoded URL of the page from which the customer logs out.