<< Click to Display Table of Contents >> Navigation: Configuration > ST_CONFIG Entries > Widgets > Login Screen |
•Azure Active Directory for User Authentication
•OpenID Connect for User Authentication
•Disable Basic User Authentication
The EQuIS Enterprise Login Screen can be customized in a variety of ways using entries in the ST_CONFIG database table.
EQuIS Version: 7
Products Affected: Enterprise
Required Modules: Enterprise Web Application
The default value for Password Complexity is "^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,30}$". This matches any string that is between 6 and 30 characters long that includes numbers (ASCII code 48 to 57), lowercase letters (ASCII code 97 to 122), and uppercase letters (ASCII code 65 to 90).
The password complexity requirements can be customized by adding a row to the ST_CONFIG table as follows:
ST_CONFIG |
VALUE |
REMARK |
---|---|---|
CONFIG_SECTION |
LoginWidget |
|
CONFIG_KEY |
passwordRegex |
|
OBJECT_TYPE |
||
OBJECT_VALUE |
||
STRING_VALUE |
<string> |
Your password regex |
Example:
CONFIG_SECTION |
CONFIG_KEY |
STRING_VALUE |
---|---|---|
LoginWidget |
passwordRegex |
'your password regex' |
When updating the password regex value, it will be necessary to also update the password validation error message to fit with the new password rules. This message is stored as a value with a key = "passwordTooltip" in the language resource files in /components/i18n/lang_en.json. (Example is for the English language file _en. Other supported language files are indicated by the appropriate language code suffix.)
The ability to register new users is disabled by default. An EnableRegistration entry needs to be added to the ST_CONFIG table to enable the new user registration functionality. An EQuIS Administrator needs to create an entry with CONFIG_SECTION, CONFIG_KEY and STRING_VALUE populated. Once the entry for enabling registration has been added to the ST_CONFIG table, a “Create New Account” link is displayed on the Enterprise Login Screen.
ST_CONFIG |
VALUE |
REMARK |
---|---|---|
CONFIG_SECTION |
LoginWidget |
|
CONFIG_KEY |
EnableRegistration |
|
OBJECT_TYPE |
||
OBJECT_VALUE |
||
STRING_VALUE |
True|False |
True enables the new user registration link False disable the new user registration link |
Example:
Enable new user registration by setting the STRING_VALUE to “true”.
CONFIG_SECTION |
CONFIG_KEY |
STRING_VALUE |
---|---|---|
LoginWidget |
EnableRegistration |
True |
Link Text
An administrator can customize the text of the Create New Account link for new user registration by adding a row to the ST_CONFIG table as follows:
ST_CONFIG |
VALUE |
REMARK |
---|---|---|
CONFIG_SECTION |
LoginWidget |
|
CONFIG_KEY |
linkRegisterUser.Text |
|
OBJECT_TYPE |
||
OBJECT_VALUE |
||
STRING_VALUE |
<string> |
Desired user registration link text |
Example:
CONFIG_SECTION |
CONFIG_KEY |
STRING_VALUE |
---|---|---|
LoginWidget |
linkRegisterUser.Text |
'your user registration link text' |
Azure Active Directory for User Authentication
Enterprise users may be authenticated with Azure Active Directory (AAD) rather than an EQuIS username and password (i.e., basic user authentication). While the AAD authentication occurs on the Login Screen, the associated ST_CONFIG.CONFIG_SECTION = Authorization rather than LoginWidget. See the Azure Active Directory article for details on implementing AAD on the EQuIS database.
OpenID Connect for User Authentication
Enterprise users may be authenticated with an external, third party identity provider using OpenID Connect rather than an EQuIS username and password (i.e., basic user authentication). While the OpenID authentication occurs on the Login Screen, the associated ST_CONFIG.CONFIG_SECTION = Authorization rather than LoginWidget. See the OpenID Connect article for details on implementing OpenID on the EQuIS database.
User authentication is with an EQuIS username and password (i.e., basic user authentication), using Azure Active Directory (AAD), or using OpenID Connect. If an administrator wants all EQuIS users to use only AAD or OpenID user authentication rather than EQuIS credentials, basic authentication can be disabled. The EQuIS username and password text boxes and the Sign In button will no longer be displayed on the Login Screen.
Warning: Either Azure Active Directory or OpenID for user authentication must be appropriately configured and enabled for all users prior to disabling basic user authentication or users will not be able to login to the Enterprise site. |
Disable basic user authentication by adding a row to the ST_CONFIG table as follows:
ST_CONFIG |
VALUE |
REMARK |
---|---|---|
CONFIG_SECTION |
LoginWidget |
|
CONFIG_KEY |
DisableFormsAuthentication |
|
OBJECT_TYPE |
||
OBJECT_VALUE |
||
STRING_VALUE |
True|False |
True = Hides EQuIS username and password False = Shows EQuIS username and password |
Example:
Disable basic user authentication by setting the STRING_VALUE to “true”.
CONFIG_SECTION |
CONFIG_KEY |
STRING_VALUE |
---|---|---|
LoginWidget |
DisableFormsAuthentication |
True |
Copyright © 2023 EarthSoft, Inc • Modified: 15 Nov 2022