Absent Member.. DBR Absent Member..
Absent Member..
799 views

Input of the type Credentials: Logged-In User Password

This isn't acceptable. How are we supposed to run headless flows if the user has to type in their password in the middle of a flow run?

Input of the type Credentials: Logged-In User Password
To improve security, the password is no longer automatically transferred when a Credentials input is of the type Logged-In User Password. Instead, the user will be asked to enter the password manually in a prompt message.

Thanks,
Don

Labels (1)
Tags (1)
0 Likes
5 Replies
Absent Member.. DBR Absent Member..
Absent Member..

Re: Input of the type Credentials: Logged-In User Password

I forgot to add that we are running 9.07 and I ran the upgrade-content.bat file. In OO 10 now it looks like the don’t allow the “Logged-In User Password” any more. I received many warnings in the output from running the command. If we are running headless flows, everywhere we have are currently using “Logged-In User Password” we would have to prompt the user for their password which doesn’t work for headless flows. How are we supposed to do this now in OO 10?

Thanks,
Don
0 Likes
Absent Member.. Bob62 Absent Member..
Absent Member..

Re: Input of the type Credentials: Logged-In User Password

I suppose you'd have to use a system account.

 

0 Likes
Honored Contributor.. Dimiter Todorov Honored Contributor..
Honored Contributor..

Re: Input of the type Credentials: Logged-In User Password

I agree with Don.

 

How are we supposed to Run headless flows in a User's context?

 

There are many ways to get around this, including having a user specify credentials as part of a flow primary inputs.

 

However, in a SSO environment using LDAP (AD), using the user's Username/Password to authenticate for certain operations during flows was a good feature.

 

We are working on an internal Portal that parses these detail before calling the OO flows using the AWESOME REST API., however, I think this should be part of the default OO webapp.

 

I would actually even like to access more of the "Logged In User" details.

In many cases, I want to send an E-Mail to the user kicking off the flow from Central. However, in OO 10, there is no mail attribute synchronized from LDAP.

Even just accessing the Logged-in user's DN would be ok.

 

Right now, OO 10 just provides the Username of the logged in user. If I want to access more information in a flow, I have to do LDAP queries.

 

D

0 Likes
Absent Member.. DBR Absent Member..
Absent Member..

Re: Input of the type Credentials: Logged-In User Password

I opened a case with support and they opened the below.
QCCR1D175061

Who knows if/when they will do anything about it.

Thanks,
Don
0 Likes
Absent Member.. DBR Absent Member..
Absent Member..

Re: Input of the type Credentials: Logged-In User Password

This is the update from support.
The QCCR number for this issue was changed - QCCR8C21877

I wanted to make you aware of the decisions made regarding this issue:

This is the current status:

The severity of ER has been raised an opened for implementation in our next minor release. This release is scheduled to go out in the 2nd quarter of FY14.

From implementation perspective, logged-in user functionality will not be re-introduced due to security considerations (credentials are stored in OO memory). As an alternative, SSO will be used, more specifically LW-SSO.

Don
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.