Applies to version 7.0.9.0

Customizing the authentication method

The default implementation for authentication is a Java™ Authentication and Authorization Service (JAAS) authentication method. If the JAAS authentication method does not suit, you can change to one of the other provided authentication methods, or implement your own custom authentication method.

About this task

The following authentication methods are available in the application. For more information, see Universal Access authentication. To use any of the provided authentication methods, set the REACT_APP_AUTH_METHOD environmental variable in the appropriate .env file to one of the following options and set any related environmental variables. For example:

REACT_APP_AUTH_METHOD=SSOIDPAuthentication
  • JAASAuthentication

    (Default for production environments. That is, npm start with .env.development.)

    No further environmental variables needed.

  • DevAuthentication

    (Default for development environments.)

    Set the Simple authentication for development environmental variables.

  • SSOSPAuthentication

    Service-provider (SP)-initiated SAML 2.0 web SSO.

  • SSOIDPAuthentication

    Identity provider (IdP)-initiated SAML 2.0 web SSO.

If you set SSO authentication, you must set the Single sign-on (SSO) authentication environmental variables.

For more information about environmental variables, see the React environment variable reference.

If you want to use custom authentication, you must create a custom authentication method and register the new authentication method as follows:

Procedure

  1. Create a custom authentication method, which consists of a normal class file that contains two static methods as follows:

    • static login = input => {}

      Where input is an object that contains one or more of these authentication properties: username, password, callback, ssoPreCheck, ssoLogin.

      Implement the logic to authenticate the user in this method.

    • static logout = (callback, reportLogoutError) => {}

      Where:

      • callback is a function that is called when logout completes.

      • reportLogoutError can be used to define whether a message is shown.

      Implement the logic to log out the user in this method.

  2. Register your new authentication method in an entry point file such as App.js by using the AuthenticationRegistry component as shown in the following example:
    1. Import the AuthenticationRegistry component and the authentication class: 
      import { AuthenticationRegistry } from '@spm/core';
import CustomAuthentication from '<path_to_custom_method>';
    2. Use AuthenticationRegistry.registerAuthenticationFunctions to register the functions from the authentication class: 
      AuthenticationRegistry.registerAuthenticationFunctions(CustomAuthentication);