Comflow URL Login
- 20 Jan 2023
- 3 Minutes to read
- Contributors
- Print
- DarkLight
Comflow URL Login
- Updated on 20 Jan 2023
- 3 Minutes to read
- Contributors
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback!
Comflow URL Login
Introduction
The document describes how you set up and use URL login, which means that you can access a specific task directly, bypassing login screen in Comflow and possibly also start a task with specific mapdata parameters.
What is URL login
URL login is a method to sign in to Comflow from external applications, embedded in other applications or just via an URL and get directly to a function with possibly filter data set.
How?
There are two different methods:
- Send sign on information online
- Use Single Sign-on (SSO)
Use Single Sign-on is a better method as the login data is not sent and is not accessible.
URL login supports the sending of user and password in the URL. This is though not recommended, especially not for password, why there are ways to bypass this.
Thereby you have 2 major ways of controlling the login.
1. Session id.
By sending a "sessionid" parameter in the URL, the system can identify it as an already existing session in Comflow or as an existing cookie. This is the preferred way for embedded applications. Thereby it is up to the application that embeds Comflow to create a session or the cookie before using the URL-login.
2. User id
By sending just a "userid" as parameter and not the password, you can use a list of users or a list of user groups in the site def to specify what users that are allowed to login in via URL whithout the password.
Sitedef Configuration
The behavior of the URL login function can be controlled from parameters in the sitedef.
All parameters should be entered under the Authentication section.
The following parameters can be used:
- url.login : true | false, default false, turn URL function on or off
- url.login.sso.mode : true | false, default, false, use single sign mechanism for authentication
- Note: Single Sign On need to be configured and activated. See documentation for SSO setup.
- url.login.users : user1,user2, ... List of users that are allowed for URL login
- url.login.groups: group1,group2, ... List of user groups that are allowed for URL login
- session.values.in.url : true | false, accept session values in URL
- start.task.in.url : true | false, accept start of task from URL
- start.task.in.url.hide.navigator : true | false, Hide navigator if start task exist
- mapdata.in.url : true | false, accept map data in URL
- url.login.single.session : true | false, closes other sessions for the user if true
Example:
<Authentication name="CA" class="net.comactivity.core.authentication.CAAuthentication">
<Parameters>
<parameter name="url.login" value="true" />
</Parameters>
</Authentication>
URL Syntax
The behavior is controlled by setting parameters in url.
The URL starts with the application URL for Comflow and a question mar ("?"), like http://localhost:8080/comflow?
After the question mark, you enter either userid or sessionid, like userid=comflow or sessionid=1446827-214e-49d9-8380-3a696e6d2f4f.
After that you can complement with session values, what task to start and how as well as mapdata and datamodel event. All separated with "&", like &_sessCompany=001&_startTask=MyWorklistV4
The following parameters can be used
userid | The user identity for the user |
pwd | The password for the user identity |
sessionid | The session identity for an existing session or cookie. Userid and pwd is omitted for this scenario. |
_sessX | Session value parameters starts with prefix “_sess”, where X replaced with a session variable, like "Company", "CONO" and so. More then one value can be used. |
_startTask | Name of task to start |
_startEntryPoint (only used with _startTask) | Entry point to start in |
_startEntryTab (only used with _startTask) | Tab to start in |
| _mapdata | Mapdata starts with parameter “_mapdata”. More then one value can be used.
|
| _dataModelEvent | Set the initial data model event |
Example user:
http://anyhost:8080/comflow?userid=mike&pwd=mypwd&_sessCONO=1&_sessDIVi=OF&_startTask=WorkWithABCClass&_startEntryPoint=child4&_mapdataCAAPPS_ABCClass_ABCClass=B&_dataModelEvent=_model_update
Explanation of the example:
This URL would sign in for the Comflow installation on anyhost via port 8080 for the user mike. Company (CONO) and division (DIVI) would be set to 1 and OF respectively. The function (task) WorkWithABCClass would be started with the entry point (starting portlet/view) child4. Filter data would be ABCClass=B and the function would be set into update mode.
Example session:
http://anyhost:8080/comflow?sessionid=12345678901234567890&_startTask=WorkWithABCClass
Explanation of the example:
This URL would sign in for the Comflow installation on anyhost via port 8080 for the session identity 12345678901234567890 (which then shall be an existing session in Comflow or a cookie in the users web browser. The function (task) WorkWithABCClass would be started.
Detect URL login in rules
To detect if a certain session is made via URL login, you can use the code below in a rule:
if (StringUtil.getBooleanParameter((String) sessionWorkspace.getTemp("_urllogin"), false)) {
// URL login for this session
}
Was this article helpful?