WebLogin - Login to web application
Processes login to a web application.This component only associates login information with a session. No authentication feature is provided.
Stream Information
| Input | Format | All |
|---|---|---|
| Number of Inputs | 1 | |
| Description | Accepts all stream types. | |
| Output | Format | All |
| Description |
The input stream is copied to the output stream. |
Component Properties
| Name | Data Type | Mapping | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| UserName | string | In & Out | Specifies login user name. | ||||||
| SessionLifetime | int | In & Out |
Specifies how long the session is active. By seconds. If time is 0 or less than 0, the session life time is not changed. |
||||||
| Logging | boolean | In & Out |
Specifies if outputs the message "User logged in" to FlowService.log.
|
||||||
| Auth | category | In & Out |
Specifies a role to add for login user. For details, please refer to following topic "How to use roles". |
Transaction
| Commit | Do nothing |
|---|---|
| Rollback | Do nothing |
Exceptions
This component never causes any exceptions.
How to use WebLogin component
This component is used for management of login status of web application.
Typically, this component is in the flow which invoked from login page. Typical process of the flow is like following.
1. Acquires user name and password.
2. Authenticates user somehow.
3-1. If authentication succeeded, turns a login status on and moves next page.
3-2. If authentication failed, backs to login page.
If you want to make a flow to be able to be executed only when user is logged in, you should do as follows.
- Choose "true" in "LoginCheck" property in HttpStart component.
- Choose a flow which redirects to login page in "NotLogined" property in HttpStart component.
Session
The session is the one to identify a consecutive access in the Web application from the same browser.
No construction of the Web application it becomes the one that doesn't become it as information accessed the session variable in effective the session before is preserved, and it is possible to take it out later.
(This component also uses the session and the state of log in is maintained. )
When web browser accesses the web server of Flow service first, the session is generated. After that, the access from the same browser has same session ID. The validity term of the session is not the same as the period when same session ID is used.
The session is disabled in the following cases, and information before that is cleared.
- When the "Session" property is "Close". (Close)
- When there is no access after the time specified as session lifetime. (Timeout)
It is general to release the state of log in when there is no access in the Web application during the fixed time for the security securing.
However, time until the time-out can be controlled by specifying time of the session life time by this component.
(When the session life time is not specified, the life time of the session generated with URL accessed first is kept.)
How to use roles
You can use multiple roles with any name.
For example, adds following roles with this components.
| Role Name | Add | Description |
|---|---|---|
| UserAdmin | Yes | Role for user management |
| MasterAdmin | No | Role for master management |
In order to change these roles, put the Mapper component before this component, and map "true" or "false" by if adding role or not.
If you specifies "UserAdmin" as a "RequiredRole with WebLogin" of HttpStart component, an error occurs when the user who logged in with this component doesn't have "UserAdmin" role.