Hi Hi All,

Developed Mobile application, Login validation using Active Directory(Azure) and fetch the data from sales force Via Outsystem.


My application is working properly and could performed all operations.


After 48 hours i am trying to perform action i am getting an exception as  "LAUser Role Required" .kindly help me to resolve issue


Exception info given below:

Id: c9bbca8f-c6f7-4dba-a81d-9a06d6710b64

Time of Log:2019-10-04 06:43:30

Request Key:1adf4356-d130-4bf6-bfd1-5393ff1cb082

eSpace:

Tenant:Users

User:

Login Id: Anonymous

Server:

E3QAN-NP4V9L

Screen:

Action:GetUserDetails

Error Message:

LAUser role required

Stack:

LAUser role required

GetUserDetails
 WASP.NotLAUser: LAUser role required

   at ssWASP.ScreenServices.WASP_MainFlow_HomePage_Controller.CheckPermissions(HeContext heContext)

   at ssWASP.ScreenServices.WASP_Controller.<ActionGetUserDetails>b__10(HeContext heContext, String screenName, JObject screenModel, JObject inputParameters)

   at OutSystems.RESTService.Controllers.ScreenServicesApiController.endpoint(String input, String endpointName, String apiVersion, EndpointImplementationDelegate implementation)



Service center Screen shot:

Hi Ganeshkumar,

You are seeing the error because the user who is trying to perform action does not have proper role, which in this case is LAUser. The easiest fix for this one would be to go to Users module in your environment, find this user and assign him LAUser role. If this fixes your problem, then in your application you would have to ensure that every time you create a new user, it should also be assigned the proper role based on your business and application requirement.

Hope this helps!

Junaid

Ganeshkumar Chelladurai wrote:

Hi Hi All,

Developed Mobile application, Login validation using Active Directory(Azure) and fetch the data from sales force Via Outsystem.


My application is working properly and could performed all operations.


After 48 hours i am trying to perform action i am getting an exception as  "LAUser Role Required" .kindly help me to resolve issue


Exception info given below:

Id: c9bbca8f-c6f7-4dba-a81d-9a06d6710b64

Time of Log:2019-10-04 06:43:30

Request Key:1adf4356-d130-4bf6-bfd1-5393ff1cb082

eSpace:

Tenant:Users

User:

Login Id: Anonymous

Server:

E3QAN-NP4V9L

Screen:

Action:GetUserDetails

Error Message:

LAUser role required

Stack:

LAUser role required

GetUserDetails
 WASP.NotLAUser: LAUser role required

   at ssWASP.ScreenServices.WASP_MainFlow_HomePage_Controller.CheckPermissions(HeContext heContext)

   at ssWASP.ScreenServices.WASP_Controller.<ActionGetUserDetails>b__10(HeContext heContext, String screenName, JObject screenModel, JObject inputParameters)

   at OutSystems.RESTService.Controllers.ScreenServicesApiController.endpoint(String input, String endpointName, String apiVersion, EndpointImplementationDelegate implementation)



Service center Screen shot:

Hi,


As Junaid said, it has to do with the user not having the necessary role, you can create this logic to give this permission when fetching the data or create a simple back-off screen to manage users / groups / roles.


And i notice the login id is Anonymous, i think the user is not right or not registered at your platform. Please check this case too.


Hope to help,

Thiago S. Mari

Thanks all for your response.

i am getting the data from Sales force and used the same in Outsystem  using Sales-force connector.

I was given proper Role assigned while login the user and Checked enabled LA user for each screen.Hence application has used only LA Role based person.

I could able to Login Home page if i am same user Logout and Re-Login


my question is is after 48 hours(just close the application in device and reopen the application after 2 days) during that time i got an "LA user role required" 

Ganeshkumar Chelladurai wrote:

Thanks all for your response.

i am getting the data from Sales force and used the same in Outsystem  using Sales-force connector.

I was given proper Role assigned while login the user and Checked enabled LA user for each screen.Hence application has used only LA Role based person.


I could able to Login Home page if i am same user Logout and Re-Login


my question is is after 48 hours(just close the application in device and reopen the application after 2 days) during that time i got an "LA user role required" 


Hi,


The application will lose the session, so if you read the error you can notice the login id is Anonymous.


You can change the cod to improve that sequence (you can have one if to verify if the session is null) and if the user lost the session, you redirect to login page


Hope to help,

Thiago Mari


Thiago Mari wrote:

Ganeshkumar Chelladurai wrote:

Thanks all for your response.

i am getting the data from Sales force and used the same in Outsystem  using Sales-force connector.

I was given proper Role assigned while login the user and Checked enabled LA user for each screen.Hence application has used only LA Role based person.


I could able to Login Home page if i am same user Logout and Re-Login


my question is is after 48 hours(just close the application in device and reopen the application after 2 days) during that time i got an "LA user role required" 


Hi,


The application will lose the session, so if you read the error you can notice the login id is Anonymous.


You can change the cod to improve that sequence (you can have one if to verify if the session is null) and if the user lost the session, you redirect to login page


Hope to help,

Thiago Mari



Thanks Thiago, 

Hope u can see my screen shot there session days 35 but application user role got expired after 2 days or above.. May I know where I increase the session value for user role

Please help on this

Regards, 

Ganesh

Ganeshkumar Chelladurai wrote:

Thiago Mari wrote:

Ganeshkumar Chelladurai wrote:

Thanks all for your response.

i am getting the data from Sales force and used the same in Outsystem  using Sales-force connector.

I was given proper Role assigned while login the user and Checked enabled LA user for each screen.Hence application has used only LA Role based person.


I could able to Login Home page if i am same user Logout and Re-Login


my question is is after 48 hours(just close the application in device and reopen the application after 2 days) during that time i got an "LA user role required" 


Hi,


The application will lose the session, so if you read the error you can notice the login id is Anonymous.


You can change the cod to improve that sequence (you can have one if to verify if the session is null) and if the user lost the session, you redirect to login page


Hope to help,

Thiago Mari



Thanks Thiago, 

Hope u can see my screen shot there session days 35 but application user role got expired after 2 days or above.. May I know where I increase the session value for user role

Please help on this

Regards, 

Ganesh

Hi Ganesh,


I saw the screen shot, but in the same screen shot you have one input( the last one) with is in minutes not days, maybe is in there input you need to change.


Please try it


Hope to help,

Thiago S. Mari


Application is working till 48 hours and getting an "LAUser role required" exception after 48 hours so i believe as you mentioned screen shot it is not correct,issue is some where else correct me if i am wrong

Hello GaneshKumar,

The Service Center configurations are for Persistent Login (the first configuration), or Session Login (the last configuration).

Which one you are using in the application depends on the setting on the User_Login call in the Mobile application: 

This is documented here: https://success.outsystems.com/Documentation/11/Managing_the_Applications_Lifecycle/Secure_the_Applications/Configure_Mobile_App_Authentication

So, the setting in the RememberLogin will defined if you will use long period authentication (seems what you want), or session authentication.

More information about this: https://success.outsystems.com/Documentation/11/Developing_an_Application/Secure_the_Application/End-User_Management/End-Users_Authentication/Persistent_Login

I would say your RememberLogin option in the User_Login is set to False, probably.

Hope this helps.

Cheers.

I believe it is session related because the log shows that the user is anonymous, as the guys said!

Eduardo Jauch wrote:

Hello GaneshKumar,

The Service Center configurations are for Persistent Login (the first configuration), or Session Login (the last configuration).

Which one you are using in the application depends on the setting on the User_Login call in the Mobile application: 

This is documented here: https://success.outsystems.com/Documentation/11/Managing_the_Applications_Lifecycle/Secure_the_Applications/Configure_Mobile_App_Authentication

So, the setting in the RememberLogin will defined if you will use long period authentication (seems what you want), or session authentication.

More information about this: https://success.outsystems.com/Documentation/11/Developing_an_Application/Secure_the_Application/End-User_Management/End-Users_Authentication/Persistent_Login

I would say your RememberLogin option in the User_Login is set to False, probably.

Hope this helps.

Cheers.

In My application i am not using "DOLogin" server action since Login validation using Active Directory(Microsoft Login connector) Authentication.

The Service Center configurations are for Persistent Login (the first configuration), or Session Login (the last configuration) - Please share the screen shot in service center where i need to change Persistent Login or Session Login



Hello Ganeshkumar,

The Microsoft Connector will execute a Login in OutSystems, and the Persistent of System Login action it uses is set to True. It should be logged for at least 15 days (according System Login action documentation).

Are you using any other plugin in your mobile that has impact on authentication / authorization?
Are you not logging out the user when the application goes to the background or when it is closed?

I'll ask around to see if Login works differently than User_Login, but I would not expect it to.

Cheers.

Eduardo Jauch wrote:

Hello Ganeshkumar,

The Microsoft Connector will execute a Login in OutSystems, and the Persistent of System Login action it uses is set to True. It should be logged for at least 15 days (according System Login action documentation).

Are you using any other plugin in your mobile that has impact on authentication / authorization?
Are you not logging out the user when the application goes to the background or when it is closed?

I'll ask around to see if Login works differently than User_Login, but I would not expect it to.

Cheers.

Please find my comments in below:

Using Sales force connector to get the data from Sales force and store the same in Local storage.

Login Authenication(Microsoft Connector) -- >Outsystem --->Sales force connector-->Sales force application

apart from 

Component :AzureADConnector,Common Plugin),DialogsPlugin),OutSystems UI Mobile),Salesforce_Connector,SecureDevicePlugin,Users,HTTPRequestHandler
Extension:HTTPRequestHandler,SForce,Text


Are you not logging out the user when the application goes to the background or when it is closed?:No

As per functionality application should not be closed until user manually click on Logout action..Application user may open the application more than 50 days(but just close the application and use other apps since using mobile device)


I was alerted by Fábio Fantato that if the same user logout from a different application (even in in a preview in the chrome), as the token authentication is the same, the user will be logged out in all applications.

This could explain the behaviour you are seeing.

Eduardo Jauch wrote:

I was alerted by Fábio Fantato that if the same user logout from a different application (even in in a preview in the chrome), as the token authentication is the same, the user will be logged out in all applications.

This could explain the behaviour you are seeing.

i am not getting your point, could you Please explain elaborately 


If you have more applications OutSystems that the same user has access and they do logout in one of it, it would logout from this application also.  

Eduardo Jauch wrote:

If you have more applications OutSystems that the same user has access and they do logout in one of it, it would logout from this application also.  

All login related validation and authorization of login maintain in only one application,so there is no possibility to user login via other applications


Hi Ganesh,

Does not matter where it does the login, but if he logout from a different application.

But if this is not the case, than someone will have to look to the application and do some tests.
We are getting out of options here.

I noticed that your application is calling OAuth2_GetToken. Internally, this action must be using the Login action from OutSystems. Please, open it and take a look to see if the Persistent Login is being used (set to True).

If yes, than you have to investigate if something else that you are using is logging out the user. For example, if the SecureDevicePlugin is doing someting, etc.

Cheers.

GetToken:


Login Persistent set True


Even i am getting an exception "LAUSer role required".i am not sure where i need to fix the issue

The exception is happening because the User is not logged in.
From your error detail:

Login Id: Anonymous

This means that you are trying to request a resource (like a page), that requires this Role, but you are not logged in (only Anonymous Role is associated with an Anonymous user).

So, I will ask:

1. Did you login? If not, if you login now, it solves the problem of the role required?

2. How much takes to the user to start having problems? If you close the application and open it again, it still works? If you close and wait an hour, it still works?

3. are you sure the user didn't logged out?

Cheers.

Eduardo Jauch wrote:

The exception is happening because the User is not logged in.
From your error detail:

Login Id: Anonymous

This means that you are trying to request a resource (like a page), that requires this Role, but you are not logged in (only Anonymous Role is associated with an Anonymous user).

So, I will ask:

1. Did you login? If not, if you login now, it solves the problem of the role required?

2. How much takes to the user to start having problems? If you close the application and open it again, it still works? If you close and wait an hour, it still works?

3. are you sure the user didn't logged out?

Cheers.

Answer for above three questions

1)Did you login? If not, if you login now, it solves the problem of the role required?

Ans:Login and could see the application Home page there is no issue in that till 2 days application has been closed from device not logged out the application

2. How much takes to the user to start having problems? after 48 hours or above(consider user has not opened      the application till 3 days but not logged out ) application can open if i perform any action immediately it will throw an "LA user role required" but this issue not happen with in 48 hours during that you can close the application n number of time but user not logged out during that time

If you close and wait an hour, it still works?:yes it is working till 2 days

If you close the application and open it again, it still works? Yes


3. are you sure the user didn't logged out?::Yes

Hi,

Never heard of this. Your configurations seems to be standard. With that configuration, logging in should keep you logged at least for 30 days.

Can't help more. Sorry.

Probably you will want to open a support ticket with OutSystems so that they can take a look.

Cheers.

Eduardo Jauch wrote:

Hi,

Never heard of this. Your configurations seems to be standard. With that configuration, logging in should keep you logged at least for 30 days.

Can't help more. Sorry.

Probably you will want to open a support ticket with OutSystems so that they can take a look.

Cheers.

Final question seems issue in Salesforce connector(my assumption) bcoz salesforce Login not logged any Message(Log Message) after 3 days even i placed the Log message in exception as well flow but no where message is logged


Any guess like, is there any restriction or after any expire duration for  Sales force login expiration

SalesForce is a third party app and the login on it does not have direct impact in OutSystems login.
Can be something related? Can. But I would find very strange.

Ganeshkumar Chelladurai wrote:

Hi Hi All,

Developed Mobile application, Login validation using Active Directory(Azure) and fetch the data from sales force Via Outsystem.


My application is working properly and could performed all operations.


After 48 hours i am trying to perform action i am getting an exception as  "LAUser Role Required" .kindly help me to resolve issue


Exception info given below:

Id: c9bbca8f-c6f7-4dba-a81d-9a06d6710b64

Time of Log:2019-10-04 06:43:30

Request Key:1adf4356-d130-4bf6-bfd1-5393ff1cb082

eSpace:

Tenant:Users

User:

Login Id: Anonymous

Server:

E3QAN-NP4V9L

Screen:

Action:GetUserDetails

Error Message:

LAUser role required

Stack:

LAUser role required

GetUserDetails
 WASP.NotLAUser: LAUser role required

   at ssWASP.ScreenServices.WASP_MainFlow_HomePage_Controller.CheckPermissions(HeContext heContext)

   at ssWASP.ScreenServices.WASP_Controller.<ActionGetUserDetails>b__10(HeContext heContext, String screenName, JObject screenModel, JObject inputParameters)

   at OutSystems.RESTService.Controllers.ScreenServicesApiController.endpoint(String input, String endpointName, String apiVersion, EndpointImplementationDelegate implementation)



Service center Screen shot:


Maybe it is session related.
The log is show that the user as anonymous, like was cited above!


Suellington Gomes wrote:

Ganeshkumar Chelladurai wrote:

Hi Hi All,

Developed Mobile application, Login validation using Active Directory(Azure) and fetch the data from sales force Via Outsystem.


My application is working properly and could performed all operations.


After 48 hours i am trying to perform action i am getting an exception as  "LAUser Role Required" .kindly help me to resolve issue


Exception info given below:

Id: c9bbca8f-c6f7-4dba-a81d-9a06d6710b64

Time of Log:2019-10-04 06:43:30

Request Key:1adf4356-d130-4bf6-bfd1-5393ff1cb082

eSpace:

Tenant:Users

User:

Login Id: Anonymous

Server:

E3QAN-NP4V9L

Screen:

Action:GetUserDetails

Error Message:

LAUser role required

Stack:

LAUser role required

GetUserDetails
 WASP.NotLAUser: LAUser role required

   at ssWASP.ScreenServices.WASP_MainFlow_HomePage_Controller.CheckPermissions(HeContext heContext)

   at ssWASP.ScreenServices.WASP_Controller.<ActionGetUserDetails>b__10(HeContext heContext, String screenName, JObject screenModel, JObject inputParameters)

   at OutSystems.RESTService.Controllers.ScreenServicesApiController.endpoint(String input, String endpointName, String apiVersion, EndpointImplementationDelegate implementation)



Service center Screen shot:


Maybe it is session related.
The log is show that the user as anonymous, like was cited above!

Error Log:

Id:
41d15b84-cbf5-4f58-8c10-41ddcbde94ef
Time of Log:
2019-10-10 05:06:46
Request Key:5e2d48d0-93bc-4fba-8020-f1dc2aca7814
eSpace:
WASP
Tenant:
Users
User:

Session Id:
No session
Server:
E3QAN-NP4V9L
Module:

Message:


LAUser role required


Environment InformationeSpaceVer: 0 (Id=429, PubId=0, CompiledWith=11.0.212.0)
RequestUrl: https://wsspl-tst.outsystemsenterprise.com/WASP/screenservices/WASP/ActionGetUserDetails (Method: POST)
AppDomain: /LM/W3SVC/1/ROOT/WASP-644-132151575135427010
FilePath: D:\OutSystems\Platform Server\running\WASP.01729348790\
ClientIp: 49.207.130.37
DeviceUUID: 0bb4f01f86e812d8
Locale: en-US
DateFormat: yyyy-MM-dd
PID: 3028 ('w3wp', Started='3/18/2019 3:33:49 PM', Priv=782Mb, Virt=2111160Mb)
TID: 30
Thread Name:
.NET: 4.0.30319.42000
Stack:
LAUser role required
   at ssWASP.ScreenServices.WASP_MainFlow_HomePage_Controller.CheckPermissions(HeContext heContext)
   at ssWASP.ScreenServices.WASP_Controller.<ActionGetUserDetails>b__10(HeContext heContext, String screenName, JObject screenModel, JObject inputParameters)
   at OutSystems.RESTService.Controllers.ScreenServicesApiController.endpoint(String input, String endpointName, String apiVersion, EndpointImplementationDelegate implementation)

GetUserDetails
 WASP.NotLAUser: LAUser role required
    at Object.a [as getException] (https://wsspl-tst.outsystemsenterprise.com/WASP/scripts/OutSystems.js?s5pyWJcGPrfgJDbFqCQweA:1:23958)
    at XMLHttpRequest.g.onload (https://wsspl-tst.outsystemsenterprise.com/WASP/scripts/OutSystems.js?s5pyWJcGPrfgJDbFqCQweA:3:9297)

GetUserDetails Action in salesforce connector,call that action from Outsystem to salesforce. i have placed Log messge in saleforce connector but not logged in service center,anyone guess why it is not calling this action?please help on this