I finally got LDAP working with the the servoy 3.1 custom login form. (Thanks Marcel!) . However, even though I checked “Tracking”, the audit trail isn’t working. I used the security.login method to make sure I logged in. Having the audit trail working is very crucial and I prefer not to write my own audit trail method if possible. Am I doing something wrong.
My “log in” button in my custom log in form uses this code. I made sure the userID is also (szheng) is also in the security groups in Servoy security setting as well. Can someone point in the right direction on why the audit trail isn’t activated.
if (plugins.it2be_ldapclient.isAuthorized(connection2))
{
var username = globals.a_login_name
var userID = security.getUserId(username);
var userGroupId = security.getUserGroups(userID);
var groups = new Array();
groups[0] = ‘Administrator’;
security.login(username, userID, groups); // “officially” logging in
forms.capa_main.controller.show() //start up
We are having the same problem. Just started rolling out into production and noticed the audit log stopped after we used LDAP auth (Custom plugin), and code very similar to yours.
I hope we can get this resolved, because Audit trail is ultra important to us to show to the FDA; It would be really cool to get this fully functional. Anyone else out there actually have the LDAP and audit trail working?
The problem is probably caused by a typo in the javascript code.
By default the group ‘Administrator’ does not exist, but the group ‘Administrators’ does.
In a future release of Servoy the group names will be checked against existing group names in the security.login function.
rgansevles:
The problem is probably caused by a typo in the javascript code.
By default the group ‘Administrator’ does not exist, but the group ‘Administrators’ does.
In a future release of Servoy the group names will be checked against existing group names in the security.login function.
Rob
Can you clarify a bit more. I changed my javascript code (from the top post) to “Administrators”. I ran that log in LDAP script again; I’m able to log-in using LDAP fine, but NO audit trail still. How can we get audit trail running? Scott, any luck on your end?
The setting of Tracking applies to a table for a user group.
Did you enable the checkbox for the Administators group?
A difference with between security.login and the regular servoy login is that in the servoy login the user gets all permissions (including tracking) of all groups that the user is member of.
In the security.login login only the permissions of the listed groups are set.
Yes, I enabled the administrator group. please see attached. The audit trail still isn’t working. (if I don’t use the custom log-in, the audit trail works fine). Please help.
rgansevles:
The setting of Tracking applies to a table for a user group.
Did you enable the checkbox for the Administators group?
A difference with between security.login and the regular servoy login is that in the servoy login the user gets all permissions (including tracking) of all groups that the user is member of.
In the security.login login only the permissions of the listed groups are set.
Does the problem also occur if you remove the ldap code?
The getUserId and getUserGroups calls should also be removed, they refer to users in the servoy repository and the idea with ldap is that all users are managed outside Servoy.
Trysomething like:
if (true)
{
var username = globals.a_login_name
var userID = 'test' ; // future: get ldap internal user ref // security.getUserId(username);
// var userGroupId = security.getUserGroups(userID);
var groups = new Array();
groups[0] = 'Administrators';
security.login(username, userID, groups); // "officially" logging in
forms.capa_main.controller.show() //start up
}
If this still does not work please enter a case at our support site with a sample solution showing the problem.
This still doesn’t work. I made a new button including only your new code, and the audit trail still will not activate. i’ve uploaded a sample solution and opened a support case. Please help.
Sammy, could you call me at the USA office please? We need to help you offline with the challenges that you are specifically facing with your application.
the issue with using LDAP but can’t activate audit trail is due to my coding error. I didn’t realize that the the audit trail wasn’t work because it still wasn’t officially logged in. In my previous code, I never put my LDAP login into a local servoy log in at the script level. Here’s the working code.
HOWEVEr, the only problem I run into is that when I look at the audit trail “username” field, it shows a number (either 1 or 18) instead of the actual user name. any ideas what i’m doing wrong?
if (plugins.it2be_ldapclient.isAuthorized(connection2))
{
var username = globals.a_login_name; // this should be their full name
var userID = globals.a_login_name; // this is the windows login name
//var groups = new Array();
var ldapName = globals.a_login_name;
var userGroupId = null;
if (ldapName == “szheng1” || ldapName == “mmcchesn”) {
username = “admin”
userID = security.getUserId(username)
//groups[0] = ‘Administrators’;
userGroupId =security.getUserGroups(userID)
}
var groupNames = userGroupId.getColumnAsArray(2);
var ok = security.login(username, userID, groupNames); // “officially” logging in
if (!ok) {
plugins.dialogs.showErrorDialog(“Login failure”, “Invalid login???”, “OK”);
return;
}
forms.capa_main.controller.show()
See my previous post in this thread, you should not use security.getUserId when you use ldap.
It is the second argument to security.login() is that appears in the audit table.