Domain user login / logout
Check out this article to learn more details about the Active Directory Login and Logout or to understand the Security Services involved in these processes.
Another login type is the domain user login (Active Directory login), most commonly met at level of organizations, companies or enterprises.
For more details regarding theEwon by HMS Networks WCF Security Service methods, please refer to the Security Service documentations.
In order for the users to be able to login through the domain, the domain security needs to be enabled under the Settings section of the i4scada Studio. Additionally, at lease one Domain name needs to be defined.
The Domain security settings under i4scada Studio
Login
In order to proceed with login, the user needs to enable the Domain User button in the login dialog. Further on, the user can start typing in the domain username and password and press the Login button.
The Domain login dialog
As soon as the Login button is clicked the requested login URL is called. Just as in case of the Ewon by HMS Networks login, the login is handled by the Security Service using the Login method.
In comparison with the Ewon by HMS Networks login, the Domain login will be validated against the Active Directory. If the validation succeeds, the user's Authorization Groups from Active Directory are matched against the user's Authorization Groups from the i4scada database and the matching Authorization Groups are applied.
Note
First time a domain user logs in, a corresponding user will be added in i4scada Studio to the User Manager list.
New domain user added to i4scada Studio User Manager
The Login method will create a security token which contains all the relevant user information, such as username, password and authorization groups.
Login Request Payload example:
{sessionId: "f8e43397-7447-457d-9d19-796*********", clientId: "2f229b36-6ade-4a36-82c6-b9c********",…}
clientId: "2f229b36-6ade-4a36-82c6-b9cad4d****"
isDomainUser: true
millisecondsTimeOut: 10000
password: "examplepassword"
sessionId: "f8e43397-7447-457d-9d19-796*********"
userName: "exampleusername"
Logout
The logout form, for a Domain user is submitted as soon as the user presses the logout button.
The Domain user logout dialog
The logout is handled by the Security Service using the LogoutByToken method.
Logout Request Payload example:
{,...}
millisecondsTimeOut: 10000
securityToken: "H4sIAAAAAAAEAAXBy5ZDMAAA0A+yMEWwNfEoLVIj2toRTkQJFe+vn3sTWLh+cFv2YbH2U9Y91xZZlzsehUZCkXRUn6FroDqH28tUjsDyt9xV7DjjLzCM7S/CYS+**********ccNZBxF0/7zrM8ML1gjDdS/3FppuQxSzTkJHq6pNKB6Erbl0V/Letgkcn8qKkF1wExAF3E54+6dSIxSZfIRvJzFORBsLOG1xYe2zqbl3mfWqWbpwXJHh/N9rzpRex+P6QeEuJrqJo031vDIZt3NSzIuZD3icNbuBq***************hHOAAEAAA=="NameLogoutByToken