Login Screen

<< Click to Display Table of Contents >>

Navigation:  Configuration > ST_CONFIG Entries > Widgets >

Login Screen

User Password Complexity

Register New User

Azure Active Directory for User Authentication

OpenID Connect for User Authentication

Disable Basic User Authentication

 

The EQuIS Enterprise Login Screen can be customized in a variety of ways using entries in the ST_CONFIG database table.

 

EQuIS Version: 7

 

Products Affected: Enterprise

 

Required Modules: Enterprise Web Application

 

 

User Password Complexity

 

The default value for Password Complexity is "^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,30}$". This matches any string that is between 6 and 30 characters long that includes numbers (ASCII code 48 to 57), lowercase letters (ASCII code 97 to 122), and uppercase letters (ASCII code 65 to 90).

 

The password complexity requirements can be customized by adding a row to the ST_CONFIG table as follows:

 

ST_CONFIG

VALUE

REMARK

CONFIG_SECTION

LoginWidget


CONFIG_KEY

passwordRegex


OBJECT_TYPE



OBJECT_VALUE



STRING_VALUE

<string>

Your password regex

 

Example:

 

CONFIG_SECTION

CONFIG_KEY

STRING_VALUE

LoginWidget

passwordRegex

'your password regex'

 

When updating the password regex value, it will be necessary to also update the password validation error message to fit with the new password rules. This message is stored as a value with a key = "passwordTooltip" in the language resource files in /components/i18n/lang_en.json. (Example is for the English language file _en. Other supported language files are indicated by the appropriate language code suffix.)

 

 

Register New User

 

The ability to register new users is disabled by default. An EnableRegistration entry needs to be added to the ST_CONFIG table to enable the new user registration functionality. An EQuIS Administrator needs to create an entry with CONFIG_SECTION, CONFIG_KEY and STRING_VALUE populated. Once the entry for enabling registration has been added to the ST_CONFIG table, a “Create New Account” link is displayed on the Enterprise Login Screen.

 

ST_CONFIG

VALUE

REMARK

CONFIG_SECTION

LoginWidget


CONFIG_KEY

EnableRegistration


OBJECT_TYPE



OBJECT_VALUE



STRING_VALUE

True|False

True enables the new user registration link

False disable the new user registration link

 

Example:

 

Enable new user registration by setting the STRING_VALUE to “true”.

 

CONFIG_SECTION

CONFIG_KEY

STRING_VALUE

LoginWidget

EnableRegistration

True

 

Link Text

 

An administrator can customize the text of the Create New Account link for new user registration by adding a row to the ST_CONFIG table as follows:

 

ST_CONFIG

VALUE

REMARK

CONFIG_SECTION

LoginWidget


CONFIG_KEY

linkRegisterUser.Text


OBJECT_TYPE



OBJECT_VALUE



STRING_VALUE

<string>

Desired user registration link text

 

Example:

 

CONFIG_SECTION

CONFIG_KEY

STRING_VALUE

LoginWidget

linkRegisterUser.Text

'your user registration link text'

 

 

Azure Active Directory for User Authentication

 

Enterprise users may be authenticated with Azure Active Directory (AAD) rather than an EQuIS username and password (i.e., basic user authentication). While the AAD authentication occurs on the Login Screen, the associated ST_CONFIG.CONFIG_SECTION = Authorization rather than LoginWidget. See the Azure Active Directory article for details on implementing AAD on the EQuIS database.

 

 

OpenID Connect for User Authentication

 

Enterprise users may be authenticated with an external, third party identity provider using OpenID Connect rather than an EQuIS username and password (i.e., basic user authentication). While the OpenID authentication occurs on the Login Screen, the associated ST_CONFIG.CONFIG_SECTION = Authorization rather than LoginWidget. See the OpenID Connect article for details on implementing OpenID on the EQuIS database.

 

 

Disable Basic User Authentication

 

User authentication is with an EQuIS username and password (i.e., basic user authentication), using Azure Active Directory (AAD), or using OpenID Connect. If an administrator wants all EQuIS users to use only AAD or OpenID user authentication rather than EQuIS credentials, basic authentication can be disabled. The EQuIS username and password text boxes and the Sign In button will no longer be displayed on the Login Screen.

 

Warning: Either Azure Active Directory or OpenID for user authentication must be appropriately configured and enabled for all users prior to disabling basic user authentication or users will not be able to login to the Enterprise site.

 

Disable basic user authentication by adding a row to the ST_CONFIG table as follows:

 

ST_CONFIG

VALUE

REMARK

CONFIG_SECTION

LoginWidget


CONFIG_KEY

DisableFormsAuthentication


OBJECT_TYPE



OBJECT_VALUE



STRING_VALUE

True|False

True = Hides EQuIS username and password

False = Shows EQuIS username and password

 

Example:

 

Disable basic user authentication by setting the STRING_VALUE to “true”.

 

CONFIG_SECTION

CONFIG_KEY

STRING_VALUE

LoginWidget

DisableFormsAuthentication

True