cancel
Showing results for 
Search instead for 
Did you mean: 

Authentication before landing to Main Screen In Syclo

Former Member
0 Kudos

Hi All,

I would like to know, whether we can do one more authentication in Syclo before landing to the main screen.

like after logon with user credentials it should navigate one more screen, there user should enter pin number (which is available in db) then only he has to authenticate to get the landing screen (Main Menu Screen).

IF possible please let me know the process.

Thanks in advance for your help.

Hari

Tags edited by: Michael Appleby

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi All,

Thanks for your's help and I will explain the same to our client.

Thanks

   Hari

jason_latko
Active Contributor
0 Kudos

Hari,

Please mark the thread an answered so others can find the solution.  Thanks!

Jason Latko - Senior Product Developer at SAP

jason_latko
Active Contributor
0 Kudos

Hari,

You would need to get creative to do something like this.  From a very high level:

Make your main screen a detail screen with a button on it with text that says "Press to enter PIN".  Kick off a fetch screen to capture the PIN.  Run the fetch, validate the entered PIN against the database using a Java or other backend step.  Return an object record to a main object collection from the fetch that contains True or False in a boolean property that indicates whether the PIN was correct or not.  If correct, move on with a navigate to your real main application screen.  If wrong, pop a message and leave them on the PIN button screen.

Jason Latko - Senior Product Developer at SAP

Former Member
0 Kudos

Hi Jason,

Thanks for your reply.

As per our client requirement, the user should not be able to access the landing screen (main screen) before pin authentication. Also, user should not download/sync the data with back end.

Means I have to provide the provision to validate the pin before landing screen (The screen having work order, notification and time sheet navigation) and just after login screen.

Thanks

Hari

jason_latko
Active Contributor
0 Kudos

Hari,

In that case, again from a high level:

Add a new Complex Table called CTPins.  Download the list of user names and valid pins into the table.  This will come down with the initial sync.  Go with the same idea of changing the main page to be a screen with a button.  User presses the button and they are brought to a transaction screen where they will enter their PIN.  Use an error type validate rule in the transaction to check the complex table by looking up the correct PIN for the current user with the COMPLEXTABLE function.  You can identify the currect user with the USERID rule function.  If the rule passes validation, navigate to the next screen by placing a navigate step in your action after the transaction so the user can start using the application.  If the pin fails validation, the user will not be able to move on.

Honestly, I don't like this solution because it forces you to download a list of all users and pins to each device.  This isn't a very secure design, but it is the only way to go if you don't want to connect to the backend again to validate the PIN.

Jason Latko - Senior Product Developer at SAP

Former Member
0 Kudos

When the table is being built I would recommend filtering the return rows so it only bring down the current user that way only his pin is in the table and no other users.  Then you can check the option "Reload on user change" this will clear out the table and have the table do an "initial" download if the device changes users.

jason_latko
Active Contributor
0 Kudos

Steve,

Yes, that is the way to go.  There is a flunky called <<user.agentryID>> that can be used in a backend step to get the current client user.  Use this to filter the PIN data and only bring down the current user's PIN.

Jason Latko - Senior Product Developer at SAP

bill_froelich
Product and Topic Expert
Product and Topic Expert
0 Kudos

In terms of data download, you will need to make sure your fetches are not marked as a Main Fetch so you can control that the data will only download after the pin has been validated.

You may also need to do something similar with your CT/DT download as those will initially run on first login prior to prompting for a pin.

--Bill