Skip to Content (Press Enter)
OutSystems.com
Personal Edition
Community
Support
Training
Training
Online Training
Developer Schools
Boot Camps
Certifications
Tech Talks
Documentation
Documentation
Overview
ODC
O11
Forums
Forge
Get Involved
Get Involved
Jobs
Ideas
Members
Mentorship
User Groups
Platform
Platform
ODC
O11
Search in OutSystems
Log in
Get Started
Back to Forums
Carlos Henriques
231
Views
3
Comments
User_Login Action - Change Behavior
Question
The User_Login action (Users eSpace) has the following behavior (from action description):
1 - if found local user with password:
1.1 - login with local user;
2 - if active directory is on:
2.1 - if Authentication.ValidateLogin(username, password) is ok
2.1.1 - create or update user
#1)
Is it possible to disable the step 2.1.1? I can't find any property that could change this behavior. I don't want the login action to create users in my application.
The action could have a property to control this behavior, or instead an eSpace site property.
#2)
If the step 1 is true does it also run step 2? Because, I have many cases of local users with passwords for whom the system created an account from the active directory, and now the same users has 2 accounts: one local and one from the domain.
Justin James
MVP
1. No, that's pretty mandatory or else none of the other stuff around authentication works.
2. I do not know the answer to that, but a quick experiment can confirm it for you. I don't have access to a .NET + Active Directory environment.
J.Ja
1 reply
19 Oct 2015
Show thread
Hide thread
Carlos Henriques
Justin James
wrote:
1. No, that's pretty mandatory or else none of the other stuff around authentication works.
2. I do not know the answer to that, but a quick experiment can confirm it for you. I don't have access to a .NET + Active Directory environment.
J.Ja
#1. It doesn't make much sense to me. One thing is authentication and other is user management.
I know OutSystems always had this behavior, which I disagree, but that's just because it does not have a proper AD account import tool.
I don't want users and the authentication action to create users in my apps, I have a user management area for Admins to do that.
I don't mind that the User_Login action has this behavior, but it should at least have an option to disable it for anyone that doesn't want or need it.
#2 Something is not working well, but can be a problem with the latest builds.
- I have users with local accounts in OutSystems Platform that also have AD accounts which are not synced with the Platform. The local and AD account sometimes have the same password;
- AD authentication is ON;
- User tries to login with the local account and valid password and gets an auth error and the Platform creates the AD account. It shouldn't because the user already has a valid local account. I think it sometimes ignores the local account and tries to force the use of the AD account.
This is the problem this behavior is doing in the User_Login action. It would be simpler if the User_Login action could only do one thing... authentication!
André Siébra
Hi Carlos,
#1)
You could try to use
LoginPassword
action (from System) instead of using
User_Login
. I suggest you to open
Users
espace to analyze the implementation of the
User_Login
action. You'll see that it uses this action in local login attempt.
#2)
If you follow my suggestion you will notice that
when step 1 is true it does not also run step 2, since if
User_LoginInternal
action returns true the action ends, as you can see below (part of
User_Login
action implementantion):
Hope it helps!
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
See the full guidelines
Loading...