How to setup AD authentication in HTML5? Could you please give some example of configuration files? Thank you.
It is enough to set up an IIS Windows Authentication with the latest versions of ORIGAM (master). Windows button will appear under the login box. Clicking on it will use the current user’s Windows login to authenticate.
I enabled IIS Windows Authentication and the button appeared. When I click the button there is error page shown with different URL - instead of https://localhost/, it is rewritten to https://localhost/External/Callback and http error is thrown - This localhost page can’t be found.
Is there a way to automatically login with Windows credentials without clicking the button?
You actually have to create a record in
OrigamUser table for each user. Password can be an empty string (not NULL).
In order to automatically create the records you can use this trigger:
SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO -- ============================================= -- Author: Advantage Solutions, s. r. o. -- Create date: 25.3.2021 -- Description: Creates OrigamUser record for -- a newly assigned user so he can login with -- Windows auth. -- ============================================= CREATE TRIGGER dbo.CreateOrigamUser ON dbo.BusinessPartner AFTER INSERT,UPDATE AS BEGIN SET NOCOUNT ON; declare @userName nvarchar(100) declare @id uniqueidentifier select @userName = UserName, @id = Id from inserted IF (@userName IS NOT NULL and NOT EXISTS (select * from OrigamUser where refBusinessPartnerId = @id)) BEGIN INSERT INTO OrigamUser (Id, refBusinessPartnerId, UserName, Password, IsLockedOut, FailedPasswordAttemptCount, EmailConfirmed, Is2FAEnforced) VALUES (newid(), @Id, @userName, '', 0, 0, 1, 0) END IF (@userName IS NULL) BEGIN DELETE FROM OrigamUser where refBusinessPartnerId = @id END END GO
Thank you for the script. I think there is a little bug - the SELECT in first condition should be:
select * from OrigamUser where refBusinessPartnerId = @id
This removes the http error.
Is there a way to bypass the login screen (no button clicking) and directly use Windows credentials to login the application like in Flash version?
This is the only way to use external logins currently.