Basic authentication is not working on my exposed rest api getting invalid details

Hi

I am exposing a rest api and provided the basic authentication to the api. In onAuthentication access i am calling user_login action by passing the user name and password. 

So when i am calling from rest client i am getting invalid user name and password. Can anyone help me what i missed here.

Attached the images for the reffrence

Thanks,

Laxmiprasanna.

Which UserName and password are you using? 

I don't think you have one at that given moment.


Perhaps you can give more info on what you are trying to do? I don't see why you would use user_login in the on authentication method, you already estasblished the rights with the Basic Authentication.


Stefano Valente wrote:

Which UserName and password are you using? 

I don't think you have one at that given moment.


Perhaps you can give more info on what you are trying to do? I don't see why you would use user_login in the on authentication method, you already estasblished the rights with the Basic Authentication.



If i want to provide basic authentication on my rest api what should i do on onAuthentication action.

I am doing user_login on onAuthentication action with user name and password provided by user.


Please correct me if i am wrong?


I'm sorry. I didn't understand your question, which was pretty clear.


Did you check your UserProvider?

Stefano Valente wrote:

I'm sorry. I didn't understand your question, which was pretty clear.


Did you check your UserProvider?


I am doing this on onAuthentication action, I tried direct user_login action it is not working and getting invalid username and password. Then i encrypted password and do the login also getting the same error.

Hi, 

To use correctly Basic Authentication in outsystems you need to at leat check the following procedures:

  1. The request format must be http:// <Username>:<Password><FULL PATH of the REST request>
  2. if you do a authentication request directly in the browser use only the <FULL PATH of the REST request>

3. check the user provider of the eSpace where the request is made in my case my authentication user belong to Users, so my User provider must be Users

4. If you have already a logged in user, the platform will use always that user. 

5. Test in a anonymous session to have a good feedback of the development.

laxmiprasanna b wrote:

Stefano Valente wrote:

I'm sorry. I didn't understand your question, which was pretty clear.


Did you check your UserProvider?


I am doing this on onAuthentication action, I tried direct user_login action it is not working and getting invalid username and password. Then i encrypted password and do the login also getting the same error.


My question was if the user provider of your module is set to Users instead of Current module... Could you check that?


Updated the user provider still i am facing the issue.


Celso Duarte Gonçalves wrote:

Hi, 

To use correctly Basic Authentication in outsystems you need to at leat check the following procedures:

  1. The request format must be http:// <Username>:<Password><FULL PATH of the REST request>
  2. if you do a authentication request directly in the browser use only the <FULL PATH of the REST request>

3. check the user provider of the eSpace where the request is made in my case my authentication user belong to Users, so my User provider must be Users

4. If you have already a logged in user, the platform will use always that user. 

5. Test in a anonymous session to have a good feedback of the development.



Seems you have not made the obvious mistakes ;)

Its getting harder to find the issue without looking at the code...

Last attempts:

- The User_Login, where does that action come from?

- Did you logmessage the input User and password, to be sure that combination arrives well to the method?

Stefano Valente wrote:

Seems you have not made the obvious mistakes ;)

Its getting harder to find the issue without looking at the code...

Last attempts:

- The User_Login, where does that action come from?

- Did you logmessage the input User and password, to be sure that combination arrives well to the method?


I am trying to call the api from postman as well as from chrome browser and put debugger point on the user_login action and able to see my credentials those are valid.


Please check in Users manager.

Check if the user that you are trying to loggin is Active or if you are using any type of external authenticaton (LDAP or AD).In this last case, check if the username exists in the inactive users. 

The Action User_Login looks mainly to the username part and ignore the domain in to check if the user is active. 

if there are some problem with user, the output error message is always the same : "Invalid username or password."

Maybe the problem is in there.

Hi Goncalves,

Here in my case the user is created in my system once the user logged into outsystem through Azure. Once we logged in Azure we are saving the use into the system. This user we are using to authenticate.

I checked in system user table, i could see the user status as active in user table.



Assuming that the problem is not the outsystems User try to check Azure AD user.


What is your platform version? 

  1. If is platform version 11, then check this documentation

https://success.outsystems.com/Documentation/11/Developing_an_Application/Secure_the_Application/End-User_Management/End-Users_Authentication/Configure_Azure_AD_Authentication


Try to test the user authentication with that user.


    2 .Please go to Users application and try to test the user authentication at "Configure Authentication" WebScreen.


   3. Try to test with another user.