Disable browser buttons

aware_support · Post by **aware_support** » Wed Oct 01, 2008 1:04 pm

tazzmaxx wrote:I was counting on your advertising to be true since I am a complete novice at these things. With all due respect, if users are not supposed to use the back button, why would you expect Aware users to build a solution to remedy this operational issue? If this was adding code to accomodate a business need then there would be no expectation that Aware would offer a solution but since this is core operation...why am I doing this? How do I tell my boss who is going to sign the check for Aware that AwareIM will not stop users from using the back button which in essence will remove them from the application or cause undesired results and confusion. I just think that if you are truly selling to 'Technically Minded Busines People' then you would not expect them to build solutions to operational issues.

We understand your frustration but as Tom points out disabling the Back button is just impossible and it never occurred to us yet in the context of version 4.0 that users would want to start Aware IM as a chromeless window. We will provide an easier solution and in the meantime we recommend a workaround to those who are familiar with JavaScript and HTML (like Pete).

Speaking of knowledge of technologies - I think you have been evaluating Aware IM for some time now and I don't think you ever needed to know any of the above mentioned technologies up to this point. In fact, most users of this forum probably don't know any of these technologies. So our claims are probably not far away from reality.

tazzmaxx · Post by **tazzmaxx** » Wed Oct 01, 2008 1:27 pm

Aware Support,

Thank you for your response. Being in the IT field for over 20 years I have seen different technology come and go. I have also been on the programming side (15 plus years ago) and on the management side and have found that the biggest challenge is making the business communicate their needs to the IT group in an effective and clear manner. As most all of your users are probably aware this never seems to happen and it generally causes budgets to go out of scale and timelines to extend way beyond their appropriate deadlines. I have enjoyed my learning process of using Aware. It has been a great way to display what the application will "look like" to end business users. I can't tell you what a positive and production reaction I have been able to obtain using your product.

That said, I really am adamant that a user like myself shouldn't be required to create temporary patches to address operational issues. It does appear that you are aware of the problem and look to resolve this for your users. This is very important to me as it shows your dedication to your product and your ability to understand the needs of the users who use Aware IM.

Do you have a timeframe on this change? I ask obviously because I wish to purchase the software but need to feel comfortable that this will not be an issue when we move an application to production.

pbrad · Post by **pbrad** » Wed Oct 01, 2008 1:47 pm

Hi,

I have been poking around under the hood a little bit and although I can likely get it to do what you describe it still isn't going to do exactly what I want.

Typically, I provide the login pages on external client sites using ssl. The login info is then posted to the AwareIM app in a chromeless window. The problem with your solution is that the login page needs to be within the Tomcat folder in order to be able to access the external ext.js file.

Would it be an option to have a page within the tomcat folder that receives the external html post like version 3 did in a chromeless window but then passes that info on to the V4 LogonOp.aw page?

Pete

tford · Post by **tford** » Wed Oct 01, 2008 2:08 pm

Tazz,

With a little Googling & experimenting, I was able to come up with this. Maybe this can be a short solution until support comes up with a more glamorous one:

1- Create a file in notepad called ChromelessAwareIMLogin.html with the following contents:

<script language="javascript">

</script>

<p>
Click here to
<a href="#" onClick="popupwin('http://xxx.xxx.xx.xxx:8080/AwareIM/logo ... meLifeLink','Loading','800','800','yes');">
Open AwareIM Login Screen</a>
</p>

Bold words will be your own URL

2- Users would then click click on a shortcut to ChromelessAwareIMLogin.html .

3- Click on the link to get to AwareIM's login menu. Your AwareIM login screen will then be a window without back buttons, etc.

Like you, I am not an HTML guy, but using http://newsourcemedia.com/index_view.php?id=61 and some trial and error, I came up with the above short term solution.

Tom

PS -- I would love to know how to automatically maximize the AwareIM login screen in this example.

pbrad · Post by **pbrad** » Wed Oct 01, 2008 2:15 pm

Hi Tom,

I thought of this approach yesterday but discounted it. The problem is that most users will bookmark the login page. When they access the bookmarked login page it will open up in a regular browser window, not the chromeless window.

Pete

tford · Post by **tford** » Wed Oct 01, 2008 2:21 pm

Makes sense Pete.

In my case, I will be putting this HTML/link on a company web page so that the web page will say "Click Here to Log Into XYZ Company Dashboard". This is the page I will tell users to bookmark.

The company page will not be gathering login info like it did in the V3 solution & passing it to AwareIM. I will be presenting the user with the Chromeless AwareIM login screen.

That should work, right?

Tom

pbrad · Post by **pbrad** » Wed Oct 01, 2008 2:49 pm

Hi,

Sure it will work but human nature being what it is, users will likely bookmark the login page rather than the link to the login page as it will save them from the arduous task of clicking their mouse twice.

You can tell your users what you like but my experience has been if they can find a way to break something or to just simply do it the wrong way, they will trample over each other to do so.

Cheers,
Pete

tford · Post by **tford** » Wed Oct 01, 2008 2:51 pm

Pete,

I guess that's what keeps us all in business

I look forward to someone smarter than me providing the optimal solution of the V4 login screen you originally asked about.

Tom

tazzmaxx · Post by **tazzmaxx** » Wed Oct 01, 2008 3:05 pm

Hi Tom,

I tried your example and it does work. I changed the height and width from 800 to 0 for both and the popup expands to the full size of my screen.

Thanks for the temp solution. I agree with Pete that users will try to get the least amount of clicks into their normal routine and as such, will probably not go to the link that we present to them. Human nature...

tford · Post by **tford** » Wed Oct 01, 2008 3:08 pm

Tazz,

Thanks for the tip on the max screen. I would not have thought of that.

Tom

tford · Post by **tford** » Wed Oct 01, 2008 3:27 pm

PS -- I agree with Pete also. Because he's always right

Tom

aware_support · Post by **aware_support** » Wed Oct 01, 2008 11:51 pm

I must be shot for recommending a solution that is way too complicated when there is a much simpler one.

Pete, this is just an idea for you - if you think that it is going to work I can provide a full code and we can include this code in the official version.

The idea is to construct the full Aware IM URL dynamically. By full URL I mean the URL that includes all parameters: user name, password, business space, testing mode:
logonOp.aw?domain=...&userName=...&password=... etc

This URL will open Aware IM application straight away without popping up the login screen. So what you do is you display your own login page anywhere you like and then rather than posting the form, you collect the entered credentials, form the URL as above using the Javascript and use window.open(...) to open the chromeless window to this URL.

Pete, let us know if this will work and if it does I will post the complete code, so that anyone can use it (and we can also include it into the product)

pbrad · Post by **pbrad** » Thu Oct 02, 2008 1:06 am

Sounds perfect,

Thanks very much,
Pete

Post by **aware_admin** » Thu Oct 02, 2008 10:09 am

This is a modification to Tom's page that allows you to collect credentials outside of Aware IM and open Aware IM in a chromeless window:

<html>
<head></head>
<body>
<script language="javascript">

function startAware()
{
var userName = document.forms [0].elements ['userName'].value;
var password = document.forms [0].elements ['password'].value;
var url = "http://xxx:8080/AwareIM/logonOp.aw?doma ... &userName=" + userName + "&password=" + password + "&testingMode=false"

window.open(url, null, "height=800,width=800, toolbar=no,resizable=yes,menubar=no,location=no");
}
</script>

<form>
<input type="text" name="userName">
<input type="password" name="password">
<input type="button" name="b" onclick="startAware(); return false;">
</form>

</body>
</html>

pbrad · Post by **pbrad** » Thu Oct 02, 2008 10:20 am

Hi,

Thanks Vladimir, this works well but unfortunately with one hitch, if you test it you will see that the username and password are being displayed in clear english in the url which is a pretty major security breach and makes this approach unusable.

Is there anyway to have the aw page strip the url parameters before it shows the page?

Thanks for your help on this,
Pete