Windows Integrated Authentication(SSO) for Reactive Web

Stable version 1.0.3 (Compatible with OutSystems 11)
Published on 13 Oct (10 days ago) by 
5.0
 (2 ratings)

Windows Integrated Authentication(SSO) for Reactive Web

Details
A Forge component that shows how to login user with SSO[Single Sign On] in a Windows Integrated Authentication mechanism, Since Reactive web apps don't support Windows Integrated Authentication.
Read more

Windows Integrated Authentication will not support Reactive Web app & will not allow users to login directly inside the application even though SSO[Single Sign On is enabled in the Environment] This component can be used has a redirector to login into the Reactive app.

https://success.outsystems.com/Documentation/11/Developing_an_Application/Secure_the_Application/End_User_Management/End_Users_Authentication/Integrated_Authentication

About the component: Each time when the application is not detecting the user it will redirect the user in backend to a Traditional application[Since WIA support Traditional app] & there the user gets logged in and again redirects to the reactive app.

The bellow settings should be enabled in service center & Lifetime[Target environment configuration]

  1. Enable HTTP Strict Transport Security(HSTS) 
  2. Force HTTPS for screens in Web Applications
  3. Secure Cookies
  4. Single Sign-On Between App Types

Follow the below steps:

  1. Take dependency of RedirectAuth server action from Redirect_Auth module
  2. Create a client variable(FirstValidation) of datatype Boolean, from Data Tab.
  3. Create a server action(ValidateRole) Validate Role with one O/P parameter(Result) with datatype as Boolean, from Logic's tab.
  4. Inside the server action (ValidateRole) add an IF widget with condition CheckRegisteredRole(UserId:)
  5. Map the True to an assignment widget and add the following properties
  6. Variable:Result
  7. Value: True
  8. Map the False to End.
  9. Open the On exception from Interface tab -> UI Flows -> common
  10. Right After the security exception drag an IF widget with condition GetUserId() <> NullIdentifier() and not Client.FirstValidation
  11. Map the True to an assignment widget and add the following properties
  12. Variable:Client.FirstValidation
  13. Value: True
  14.  Map the False to an assignment widget and add the following properties
  15. Variable:Client.FirstValidation
  16. Value: False
  17. Map the False assignment to the existing IF widget.
  18. Drag the ValidateRole server action after the first assignment.
  19. Map the action to another IF widget and add a condition ValidateRole.Result
  20. Map the True condition to a RedirectToURL and assign the URL property as GetBookmarkableURL()
  21. Map the False condition to an assignment and ass the following properties
  22. Variable:Client.FirstValidation
  23. Value: False
  24. Now Map the assignment to the existing Destination Common\InvalidPermissions as shown in the below image.
  25. Drag and drop the RedirectAuth server action which was added as dependency from Redirect_Auth module right after the IF condition which was already present in the On Exception action.
  26. This action should be above and below the existing IF condition and the Assignment statement, which was already present in the On Exception action.
  27. In the property box map the Original URL as GetBookmarkableURL()
  28. Add an IF widget after the RedirectAuth action with condition RedirectAuth.URL <> ""
  29. Map the True to the RedirectToURL and add the URL property as RedirectAuth.URL
  30. Map the False condition to the existing assignment(Last request) as shown in the below
  31. Publish the module and verify.

Find more details about the component in documentation.

OS will fix this issue in future release, developers can utilize this component until we get a new release which fix this issue.

What’s new (1.0.3)

Renamed demo

Reviews (0)