Login | Login with username and password in URL param
Requirement
To be able to log in to SDP without displaying login page when the user's username and password are known.
Setup:
- Go to <ServiceDesk>/webapps/ROOT/WEB-INF/security/
- Edit Security-esm.xml file
- Add/Edit the the following param values that's below this line: <param name="selectedPortal" type="long"/>
<param name="username" type="String"/>
<param name="password" type="String" max-len="2000"/>
- Restart SDP services for the changes to take place
This change will be lost after a service pack upgrade. Kindly make the changes again after SDP upgrade.
Login flow:
- Make a GET call to <sdp>/api/v3/app_resources/properties
- Get the public_key from the JSON's result.login_props.password_encryption.public_key
- Use this RSA public key in PEM format to encrypt the user password using RSA-OAEP padding with SHA-256 for both the main hash and the MGF1 hash
- Base64Url encode this encrypted password to be able to send in query param
- Now call <sdp>/ESM.do?type=portal&username=USERNAME&password=ENCRYPTED_PASSWORD in the browser
- The user will be logged in via local authentication and the target page /ESM.do?type=portal will be displayed.
New to ADSelfService Plus?
Related Articles
Forgot Password | Reset password link validity and changing email content
Change Forgot Password Link Validity To change the validity of forgot password link, please execute the below query and restart SDP service. Query: update globalconfig set paramvalue='1440' where parameter='FORGOT_PASSWORD_LINK_VALIDITY' and category ...SAML | ADFS troubleshooting and tips (Auto Login with ADFS in Intranet, mobile app user agent fix, etc.)
Tips: Steps to enable Auto-logon: Step 1: In the AD FS server, under Authentication Methods, make sure that Windows Authentication is selected. Step 2: Run the below powershell query to check if "Chrome" is present in the supported WIA agents: ...Error occurs after logging in due to SkipNV2Filter param in URL
Root cause: The SkipNV2Filter param was present in older versions of servicedesk and is removed now. So this should not be present in the URL in current versions. Resolution: Remove or edit the bookmark or the embedded link and remove this parameter ...Script to reset the password of a user by entering his username and enable local authentication without connecting to DB.
Script to reset the password of a user by entering his username. Also, to enable local authentication in the application without connecting to DB. How the script works ? Invoking the script will show two options. 1. Enable local authentication in the ...SAML | Skip login page | Login directly with SAML | Query to enable AD or Local Auth during SAML issues
Issue: When users have AD and/or local authentication enabled along with SAML, the login page is shown when a link from an email is clicked and users need to click "Login with SAML" again. Workaround 1: You can bookmark, <sdp_url>/SamlRequestServlet ...