User name & password

Used to verify user credentials against one or more user stores. Requires modules AuthN & Pipes to be deployed.

Configuration

Authenticator type: UserNameAndPassword

Common Authenticator configuration can be found here.

Name Description Default value Mandatory

Name	Description	Default value	Mandatory
`pipe_id`	Pipe to use for validation.	N/A
`allowed_retries`	Numer of allowed faulty tries before system resets the state.	`2`

pipe_id

Pipe to use for validation.

N/A

allowed_retries

Numer of allowed faulty tries before system resets the state.

2

{
  "id": "iodpwd",
  "type": "UserNameAndPassword",
  "config": {
    "base_path": "/saml/authn",
    "context_path": "/saml/authn/uid",
    "pipe_id": "user_validation_pipe",
    "webroot_dir": "web/authenticator/username_password"
  }
}

Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.

Logging

Apart from system logging, event logging is done when completing and failing a transaction.

Event ids are:

WEB_100017("Authenticated using User-name & password")
- IDENTIFIER (user trace id)
- CUSTOMER_IDENTIFIER (if configured)
- SOURCE_USER_NAME (username entered by the user)
- SOURCE_ADDRESS (ip of the remote session)
WEB_100018("Failed authentication using User-name & password")
- IDENTIFIER (user trace id)
- CUSTOMER_IDENTIFIER (if configured)
- SOURCE_ADDRESS (ip of the remote session)
- SOURCE_USER_NAME (username entered by the user)

Data sent to validation pipe

On validation, data sent to the pipe is:

identifier - the username provided by the user
password - the password provided by the user

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state replacing existing values:

username

API

Starting an authentication

Start by sending in a Ajax request containing identifier & password:

{
    "type": "start",
    "data": {
        "identifier": "<user_data>",
        "password": "<user_password>"
    }
}

The response back will contain either a COMPLETED or ERROR:

{
    "status": "COMPLETED"
}

Translation keys

{
  "username_password.identifier": "Username",
  "username_password.password": "Password",
  "username_password.start_authentication": "Sign in",
  "username_password.authentication_verified": "Identity verified",
  "username_password.redirecting": "Redirecting...",
  "username_password.cancel": "Cancel",
  "username_password.ERROR": "Wrong username or password.",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": ""
}

{
  "username_password.identifier": "Användarnamn",
  "username_password.password": "Lösenord",
  "username_password.start_authentication": "Logga in",
  "username_password.authentication_verified": "Identitet verifierad",
  "username_password.redirecting": "Omdirigerar...",
  "username_password.cancel": "Avbryt",
  "username_password.ERROR": "Felaktigt användarnamn eller lösenord",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": ""
}

PreviousIntegrated windows login, IWA NextOTP validator

Last updated 1 year ago