Active Directory login (worked example)

Post any questions you have about using the Verj.io Studio, including client and server-side programming with Javascript or FPL, and integration with databases, web services etc.

Moderators: Jon, Steve, Ian, Dave

neilnewman
Ebase User
Posts: 201
Joined: Fri Dec 20, 2013 1:29 pm
Location: Dartford Borough Council
Contact:

Active Directory login (worked example)

#1

Postby neilnewman » Tue Jul 07, 2020 7:56 am

We are a locally hosted site and currently use a piece of ASP code to validate our users in AD.
Now that we have upgraded to version 5.6 of Verj.io we would like to use the AD integration that comes pre-installed.
I cannot claim to be the greatest coder, so to save me many hours of frustration, I don't suppose you have a worked form example calling the AD validation routine, to return various elements out of AD, with just the AD username being passed in?

Thus far I can successfully run the "Test LDAP Connection", so I assume my values are configured correctly here.

NB: I looked through the Knowledge base but could not see a worked example.

SORRY POSTED THIS IN THE WRONG SECTION "CLOUD" SHOULD OF BEEN "ON PREMISE"
0 x

Steve
Moderator
Moderator
Posts: 414
Joined: Fri Sep 07, 2007 3:44 pm
Location: Sandy, UK
Contact:

Re: Active Directory login (worked example)

#2

Postby Steve » Wed Jul 08, 2020 3:22 pm

Hi Neil,

Are you going through IIS to the Ebase Server? This makes things much simpler as the username is automatically picked up through the Servlet Interface and pushed through to the Logon Exit web service.

If you are going through IIS and have checked the 'Enable Authentication for all users' in the Security Properties Section then you will not need to configure anything else.

The authentication should go through this code in the defaultLogonService in the project VerjSamples:

Code: Select all

else if ( isUseridFromApplicationServer(useridSource, userid) )
{
	populateRolesFromADGroups(userid);
	populateAttributesFromAD(userid);
	populateRolesForWorkFlow();
}
This populates the user for you using the LDAPServices. The LDAPServices uses the LDAP configuration you have already configured.

If you need a custom solution then you will need to look at the LDAPServices API or the logonServiceFunctions (in the project VerjSamples) script for examples.

See the example functions below to extract data from Active Directory using LDAP Services:

Code: Select all

/**
 * Populates internal CUSTOMROLES table with security roles of the supplied user - one role for each AD group
 * @param userid
 */
function populateRolesFromADGroups(userid) {

	tables.CUSTOMROLES.resetTable();
	try {
		var groups = LdapServices.getADGroups(userid);

		for each (var group in groups)
 		{
 			tables.CUSTOMROLES.insertRow();
			tables.CUSTOMROLES.ROLEID.value = group;
 		}
		tables.CUSTOMROLES.updateTable();
	}
	catch (e) {
		fail ("ERROR", e.javaException.toString() + " - See server log for details");
	}
}

/**
 * Populates internal CREDENTIALS table with user attributes of the supplied user
 *  - one key/value pair per attribute
 * @param userid
 */
function populateAttributesFromAD(userid) {

	tables.CREDENTIALS.resetTable();
	try {
		var emailattrs = LdapServices.getUserAttribute(userid, "mail");
	  if (emailattrs.length > 0)
	  {
	  	tables.CREDENTIALS.insertRow();
			tables.CREDENTIALS.ID.value = "email";
			tables.CREDENTIALS.VALUE.value = emailattrs[0];
			tables.CREDENTIALS.updateTable();
	  }
	}
	catch (e) {
		fail ("ERROR", e.javaException.toString() + " - See server log for details");
	}
}
The Test LDAP button was introduced in 5.7. Could you confirm which version you are using?

In version 5.7 we moved things about a bit and you can configure the AD authentication in the Security --> User Authentication section. You will need to enable the Use Windows Domain User checkbox. This will authenticate the all users access forms. Again you will need to go through IIS for this to work automatically.

Kind regards

Steve
0 x


Who is online

Users browsing this forum: No registered users and 12 guests