Hi there,
I’d like to login Perspective Session through the customized login screen. so far the login works, but it won’t authenticate against ignition.
So, when I try to open a view with “View Permissions” it won’t give access.
My setup is:
Dropdown for a [Site]
Input username and password
Login button with onClick event script:
view = self.view
self.session.props.auth.idp = 'my_provider'
loginUser = self.getSibling('txtLoginUser').props.text
loginPwd = self.getSibling('txtLoginPWD').props.text
loginSite = self.getSibling('selSite').props.value
valid = system.security.validateUser(username=loginUser, password=loginPwd)
if valid:
self.session.custom.loginSite = loginSite
user = system.user.getUser("KyberMES",loginUser)
self.session.props.auth.authenticated = True
self.session.props.auth.user.id = str(user.id)
self.session.props.auth.user.userName = loginUser
self.session.props.auth.user.firstName = user.get(user.FirstName)
self.session.props.auth.user.lastName = user.get(user.LastName)
system.perspective.login(forceAuth=True)
system.perspective.navigate('/mainGUI')
Let’s try to simplify this a bit to narrow down where the issue could be occurring:
self.session.props.auth.idp = 'my_provider'
loginUser = self.getSibling('txtLoginUser').props.text
loginPwd = self.getSibling('txtLoginPWD').props.text
loginSite = self.getSibling('selSite').props.value
valid = system.security.validateUser(username=loginUser, password=loginPwd)
if valid:
self.session.custom.loginSite = loginSite
# I've removed setting the user properties as logging in should do that for you
system.perspective.login(forceAuth=True)
# Lets remove this navigation step - just to see what happens
# system.perspective.navigate('/mainGUI')
What happens if you do this, and then navigate to the View which requires permissions? What permissions does the View require? Could you provide the permissions attached to the user who is attempting to use the View in question?
Try using this snippet BEFORE you navigate to the View in question:
system.perspective.print(self.session.props.auth.securityLevels)
system.perspective.print(self.session.props.auth.user.roles)
Does the View require ALL security levels must match, or does it only require one?
@cmallonee Thanks for your reply, let me elaborate on my problem here.
I customized the login screen to replace Ingition’s default login screen. In this case, there is no setup the project’s IdP and permission in [Project Propertys], but assign the “self.session.props.auth.idp” value in the script.
However, when logging in through this custom screen, i always get “You cannot sign in to this application because no Identity Provider is configured.” message.
So, i specified the Project’s IdP and permission. Then re-launch Perspective, but was directed to Ignition’s default login screen.
My project IdP setting:
My Perspective Permission setting:
By the way, I modified the script based on your suggestion and got the following information:
self.session.props.auth.securityLevels ==>
self.session.props.auth.user.roles ==> null
That’s pretty much what I expected.
system.perspective.login() does not log a user in to the application - this function sends the user to the configured Identity Provider so that they can authenticate.
If you supply no arguments, then the user is not required to re-authenticate if they are already authenticated. If you specify forceAuth, then they must re-enter their credentials to continue. Modifying the session properties does NOT actually log a user in.
You can’t just by-pass the authentication page with your own “custom” authentication page. We do allow for authenticating through an Identity Provider, but you must either use our authentication page or that of the identity provider.
