Skip to main content

Digital Transformation

Implement a Terms of Use Acknowledgement in WebSphere Portal

 A very common requirement in a portal solution is a terms of use acknowledgement (TOU) which gates entry into the portal until the user accepts terms and conditions.  The next time the user logs on, they will not be required to accept the conditions again.  There is not a built in “out of the box” capability; however a number of tools and capabilities exist to easily implement one.  In this example, the following steps will be implemented:

  1. Create a database which has fields to capture a user login ID, TOU acknowledgement, TOU version, and date.
  2. Create a Terms of Use portal page.  You can set the theme policy to “No Theme” in order to remove the navigation and prevent users from navigating to a different page without accepting the TOU.

    Terms of Use - Page Properties

    Terms of Use - Page Properties

  3. Create the TOU content.  This can easily be managed in IBM Web Content Management (WCM.)
  4. Create a portlet which captures the acknowledgement and records the relevant information in the database.  The portlet should also provide the user the ability to not accept the TOU at which point, the portlet would need to redirect the user to the logout page thus blocking access to the portal.
  5. Add the portlet from 4) along with the WCM content from 3) to the TOU page created in 2).
  6. Implement an explicit login filter to extend the portal login process.  This login filter will read the TOU acknowledgement database and redirect the user TOU page if they hae not accepted the most recent TOU.  If you’re portal solution uses single sign on, you will also need to implement an implicit login filter, but the code is virtually identical to the explicit filter.  This is registered in the Integrated Solutions Console under Resource Environment Providers / WPConfigService.
    Resource Environment Providers - WPConfigService

    Resource Environment Providers - WPConfigService

  7. If you have a mobile version of your portal, you can use the same approach to detect the device and simply redirect to the mobile optimized TOU acknowledgement page.

I do want to provide one bit of advice when using login filters like this approach does.  If you configure a login filter and the class that the filter references does not exist, nobody will be able to log into the portal.  If you find this happens, you will either need to remove the login filter or make sure the referenced class exists on the portal’s classpath.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Glenn Kline

Area Vice President, Custom Development and Mobile Solutions

More from this Author

Follow Us