Hello OutSystems Community,
I have an application that currently uses SSO authentication. I need to further authenticate based on the roles and permissions of the application. These roles and permissions are created dynamically in tables.
Currently, after the SSO process, users are directed to the default screen, regardless of whether they have the appropriate permissions in our application's User database.
How can I integrate custom logic after the SSO process to validate user permissions for my application?
Any guidance, best practices, or insights into handling these scenarios would be greatly appreciated. Thank you in advance for your help.
Regards.
Hello Martin,
You can always have specific roles related to SSO authentication; in this case the screen can only be accessed by users with these roles. You can check the Screen Role properties to restrict access to your screen, and check whether the screen has Anonymous checked, because with this all users have access to the home screen. You can see the example below.
Also if you want to restrict access to part of your screen there are ways that you can develop:
a. Use DataActions to fetch the user access;
b. In the OnReady event, you can use a JavaScript element, $parameters and $roles to set your screen.
Best Regards :)
Hi Andre, what I wish to achieve is to let the users maintain the system at runtime by themselves, instead of a developer opening the code and making the adjustment. That is the reason why I chose to create my own role-based security features: the roles and screen permissions provided by OutSystems cannot be dynamically added or removed at runtime.
Very grateful for your ideas, but your way seems to need the checking logic applied in every screen we create. It seems duplicated, but I will give it a shot.
I am trying to achieve what can be done by the OutSystems role-based security features and make it easier to configure. Currently, the features achieved include:
1. Able to assign a user a role.
2. Screens are shown dynamically in the side menu.
3. Which screen(s) can be accessed by which role(s), displayed in a tabular checkbox format.
4. Based on which role the user holds, limit the options displayed in the side menu bar.
Hey Martin,
Sorry, I didn't understand that you want to create a back office. You can test this idea:
1 - You can assign your role at runtime with the actions related to the User (RoleAction image attached);
2 & 3 - I think that you can fetch from the OutSystems entities (Dependencies -> System) the list of screens present in your module (eSpace), but I don't know if you have access to them, and for this you need to rebuild your data model. At the moment I don't think there is any feature to get the roles that can access specific screens from the OutSystems DB. After remodeling your database you need to register all screens (better practice if only with the roles that you use in your app) and, in a data action, check whether the logged-in user has permission to access that screen (DataModel image attached);
4 - In the side menu of your application you need to change the links to your Screen entity records and redirect by name, for example.
Hope that this approach can help you somehow :)
Best Regards
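
The table-driven check discussed in this thread, as an added example that is not part of any post and is not OutSystems code: a runtime-editable role/screen model with one server-side, deny-by-default lookup that serves both the side menu and the per-screen access check. All table, column and function names are hypothetical, the `is_active` flag is an assumption, and the sample rows are constructed.

```python
import sqlite3

# Hypothetical tables (constructed): roles and screen grants editable at runtime.
SCHEMA = """
CREATE TABLE app_role    (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL,
                          is_active INTEGER NOT NULL DEFAULT 1);
CREATE TABLE app_screen  (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE user_role   (user_id INTEGER NOT NULL, role_id INTEGER NOT NULL
                          REFERENCES app_role(id), PRIMARY KEY (user_id, role_id));
CREATE TABLE role_screen (role_id INTEGER NOT NULL REFERENCES app_role(id),
                          screen_id INTEGER NOT NULL REFERENCES app_screen(id),
                          PRIMARY KEY (role_id, screen_id));
"""

# One query answers both "what goes in the side menu" and "may this user open X".
ALLOWED_SCREENS = """
SELECT DISTINCT s.name
FROM user_role ur
JOIN app_role r     ON r.id = ur.role_id AND r.is_active = 1
JOIN role_screen rs ON rs.role_id = r.id
JOIN app_screen s   ON s.id = rs.screen_id
WHERE ur.user_id = ?
ORDER BY s.name
"""

def allowed_screens(db, user_id):
    """Screen names the user's active roles grant; drives the side menu."""
    return [row[0] for row in db.execute(ALLOWED_SCREENS, (user_id,))]

def can_access(db, user_id, screen_name):
    """Server-side gate for every screen load. user_id must come from the
    authenticated session, never from a client-supplied parameter.
    Deny by default: no session, unregistered screen or missing grant -> False."""
    if user_id is None:
        return False
    return screen_name in allowed_screens(db, user_id)

def build_sample_db():
    """Constructed sample data: Admin (user 10), Clerk (20), disabled Legacy role (30)."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO app_role VALUES (?, ?, ?)",
                   [(1, "Admin", 1), (2, "Clerk", 1), (3, "Legacy", 0)])
    db.executemany("INSERT INTO app_screen VALUES (?, ?)",
                   [(1, "Home"), (2, "Invoices"), (3, "UserMaintenance")])
    db.executemany("INSERT INTO user_role VALUES (?, ?)", [(10, 1), (20, 2), (30, 3)])
    db.executemany("INSERT INTO role_screen VALUES (?, ?)",
                   [(1, 1), (1, 2), (1, 3), (2, 1), (2, 2), (3, 3)])
    return db
```

Putting the lookup in one shared server-side action, called by every screen, avoids duplicating the logic per screen; hiding a menu entry alone does not stop a user from opening the screen's URL directly.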