...
The phixflow-login.xml configuration file allows the operator to define different login form configurations with restricted login options e.g. Local only, Active Directory only, all options. The user can then choose the login for to be displayed by providing an extra parameter to the PhixFlow start URL, or accept the default.
The
There are 2 reasons for doing this:
- You have configured Local logins and Active Directory (or SAML / SIngle Sign-on) logins, and you want advanced users to see all login options but normal users to see only Active Directory.
- You want to enable SAML / Single Sign-on auto login. This logs you in automatically using your current logged-in Microsoft Windows credentials without displaying a login form, and cannot be mixed with other form options.
Starting PhixFlow with a non-default login form
To start PhixFlow with a non-default login form, append ?login=mylogin to the PhixFlow URL, where mylogin is the name of the login form e.g.
| Code Block |
|---|
https://myserver.com/phixflow?login=full |
Configuration
If $webapp/WEB-INF/classes/phixflow-login.xml does not exist, create it by copying phixflow-login.xml.example.
...
The lines immediately following define 3 login forms:
| Bean Id | Form Name | Description |
|---|---|---|
| localLogin | local | Local login only |
| fullLogin | full | All login options except auto |
| autoLogin | auto | SAML Single Sign-on without displaying a login form |
You can add new forms and edit or delete any of these 3 examples, provided that you define at least one form and that the loginConfiguration's defaultForm (above) matches the name of one of the defined forms.
...
The form properties are as follows:
| Property | Default | Description |
|---|---|---|
| id | None | A name reflecting the purpose of the form |
| parent | parentLogin | Do not change |
| name | default | Used when defining the default form or when selecting |
| localLogin | false | Whether the form should include local login |
| samlLogin | false | Whether the form should include SAML / Single Sign-on login |
| samlLabel | SAML | The label displayed against the SAML Single Sign-on option on the form |
| autoLogin | false | Whether the user should be logged in via SAML / Single Sign-on without displaying the form. This cannot be set in combination with any other xxxLogin option. |
| activeDirectoryLogin | false | Whether the form should include Active Directory login |
| defaultSelected | none | The login option that is selected by default when the form opens. For local, this is 'local' |
Setting the default login form
Edit the loginConfiguration bean (above).
Set the defaultForm property to the name of the form that you want to be the default.