Custom Authentication

<< Click to Display Table of Contents >>

Navigation:  Bizagi Studio > Security definition > Work Portal Security > Authentication > Advanced Authentication >

Custom Authentication

Overview

Custom Authentication allows you to define your own component to be used by Bizagi's Work Portal authentication.

This means that through this option, you may override the methods used by Bizagi to allow login to end users.

 

Custom Authentication

 

 

What to implement?

The Authentication class of your custom component must implement the following methods:

 

public bool authenticate(string sDomain, string sUsername, string sPassword, ref string sErrorMessage)

This method is used to authenticate the user in the system.

The domain, user and password are sent as input parameters and a Boolean value is returned indicating successful authentication or not.

In the latter case the sErrorMessage parameter must be filled with the corresponding error.

 

public void logOff(string sDomain, string sUsername)

This method is used to send the remote system a notification that the user left the system, or his/her session has been inactive.

 

public bool changePassword(string sDomain, string sUsername, string sOldPassword, string sNewPassword, ref string sErrorMessage)

This method is used to allow a change of password for end user accounts (send the remote system a request for a password change).

 

public bool changePassword(string sDomain, string sUsername, string sOldPassword, string sNewPassword, string sSecretQuestion, string sSecretAnswer, ref string sErrorMessage)

This method is used to allow a change of password for end user accounts (send the remote system a request for a password change).

Unlike the previous method, this one has an overload with information of the secret question and its answer.

 

Setting Custom Authentication

To set Custom as the authentication type, select Custom from the drop-down list:

 

Authentication_Custom

 

Click on the Update button.

When this option is selected, Bizagi is informed that the authentication will be handled by an external component (developed by a third party).

Therefore, this option requires that you both: Specify detail for the assembly and class to be used by the authentication module, and include this assembly in Bizagi's project solution (at the Web application's bin).

 

 

In summary, Custom Authentication has the following configuration options:

Custom Authentication Class: Defines the name of the class that will perform the custom authentication within the component specified. You will need to include the namespace of that class (set as Namespace.Class).

 

Authentication_CustomParam01

 

Custom Authentication Component: Defines the name of the assembly that will perform the authentication. This assembly must be present  in the Web application bin or in the GAC.

 

Authentication_CustomParam02

 

Once you have set the mentioned parameters, in execution your end users will input their credentials in the login page.

Bizagi will invoke the class and method as specified in the configuration and send these credentials.

If the user does exist in Bizagi and the custom method returns True, Bizagi will grant access.

 

Example

To see an example of Custom authentication use and implementation, refer to Custom authentication example.