Previous topic

Next topic

Setting up Passthrough Login

The application allows Administrators to create special URLs that allow users to access parts of the system without having to login. This is fully configurable and can be setup as per the business requirements. This is ideal for following contractors, visitors, or members of the public to log Incidents or Hazards without having the need to self-register or create new user accounts.

Steps to setup

Enable the feature flag:

  1. In the config.properties (under ..\SAI360\config\), add the below feature flag and save the file

    mainConfig.EnablePassthroughLogin=true

  2. Restart Tomcat service.
  3. Under Global Settings Menu path separator Authentication tab, tick the checkbox Allow URL passthrough Authentication and save.

    note_awesome

    Allow URL Passthrough Authentication is only applicable for Basic Authentication and Dual Login authentication methods (with 2FA disabled).

  4. Perform a web application publish and restart Tomcat service.

  5. Setup a generic user account:

    Navigate to Admin Menu path separator Security Menu path separatorUsers and create a new user account.

    Populate all the required mandatory fields.

    Tick Allow URL Passthrough Login option for that user.

    The user must be granted the security roles they require in order to access the forms. For example, if you wish for that user to bypass the authentication process for creating new Incidents and Hazards, they need to be granted the relevant Incident and Hazard security roles.

  6. To setup the passthrough URL, the system requires the username and password, separated by a colon ‘:’ as arguments in the URL.

    The arguments need to be base64 encoded.

    Example:

    URL Argument

    Base64 Encoded

    Contractor@evotix.com:Monday!@#

    Q29udHJhY3RvckBldm90aXguY29tOk1vbmRheSFAIw==

  7. Passthrough URLs can be setup for any component.

    To create a new Incident record, the URL is as below:
    http://<WEBAPP_URL>/new/Incident?passthrough=Q29udHJhY3RvckBldm90aXguY29tOk1vbmRheSFAIw==

    where passthrough is the parameter name which has the encoded username and password

    Another example below to open a specific Audit record:
    http://<WEBAPP_URL>/view/Audits/AUD-0000060?passthrough=Q29udHJhY3RvckBldm90aXguY29tOk1vbmRheSFAIw==

    note_awesome

    You can setup QR code for the above URL allowing the users to directly login to the web application.

    Refer to the Setting up the Creation or Opening of Records with QR Code to set up this in the mobile application.

  8. If the Form has the Render Unwrapped option enabled (set up in the Form Properties), you can pass in that parameter into the URL and the system will generate a form with no menu, top bar and close buttons.

    This is particularly useful when the requirement is to give external contractors/visitors access to a form for a specific task (log an Incident or Hazard) without confusing them with the various menu options.

    Example URL:
    http://<WEBAPP_URL>/new/Incident?passthrough=Q29udHJhY3RvckBldm90aXguY29tOk1vbmRheSFAIw==&unwrap=true

URLPassthroughUnwrap

See Also

Other Admin Functions

Anti Virus Scanner

Fonts for the "Save to PDF" Functionality

Maintenance
Back to top
 Go to www.evotix.com
Copyright Evotix