Carlos Sousa wrote:
If you wanted to set it to be active directory. If they have already authenticated to the AD before they open the outsystems page, is there a way to "see" this authorization when they first load the page so that they would not have to authenticate again through the webpage? We have done this on CAS but not on AD.
If I understand your question properly, what you describe is the behavior provided by the Integrated Authentication. Am I correct?
If so you can use this feature in a very simple way with OutSystems. Check this article http://www.outsystems.com/help/servicestudio/9.1/#t=Handling_security%2FAbout_Integrated_Authentication.htm
Hope it helps.
Ok - assuming that I set the platform authentication method to be Active Directory and have it set up correctly, I will still manually create users as needed in the OutSystems users table where the username is Domain/Username. Then when someone opens a page, if the getuserid() returns null I can run IntegratedSecurityGetDetails which should return their domain username if they are logged in. I could then search users to find a user with that username and if found log them into outsystems and proceed with the page load. If not, forward then I need to forward them to an AD login page which should act just like they are logging into OutSystems as the platform should use AD to authenticate them. This is of course assuming the platform stack is .net. Am I correct in the above?
I think you describe the process quite well :)
The only thing I would add is regarding the "...manually create users as needed in the OutSystems users table ":
What you can do is when, by using the IntegratedSecurityGetDetails action, you find it's an AD logged user you may have the app code creating the user and in that case the process is clearly more fluid and you don't need to manually handle user creation.