When you start developing a new eSpace module, by default, it already contains logic to perform end-user authentication. The OutSystems Platform supports three distinct authentication modes out of the box: Internal, Active Directory, LDAP:
By default, Internal authentication is performed.
When the user enters the application for the first time, if the screen being accessed only allows authenticated users to see it, then a security exception is raised. The following authentication process is followed:
the platform is configured to use Windows Integrated Authentication
and the end-user is inside the internal
network, the user is authenticated using Windows Integrated authentication.
Once the user makes a request, the server replies with an HTTP 401
status, signaling to the end-user browser that authentication is required.
If the browser already has the end-user credentials stored, it automatically sends the credentials to the web server. Otherwise, the browser displays a form for the user to input the credentials and sends them to the server. This means that even if you have a custom Login page, the end-user will not see it. Learn more About Integrated Authentication.
If after this process the user could not be authenticated, then an 'Invalid Login' message is displayed to the end-user.
About End-User Management | Configuring End-User Authentication