HTML Forms authenticator

The HTML Forms Authenticator is a Username / Password authenticator that serves HTML pages and connects the data to a Data Source backend using an Account Manager.

It also supports user account registration, password management, and recovery of forgotten user IDs.

Paths

The HTML Forms authenticator is mounted on the Authentication endpoint, with its ID as the subpath. For example, if an authenticator with the ID html1 is configured and the Authentication endpoint has the path /authenticate, the paths of the HTML Forms authenticator are found under /authenticate/html1.

Endpoint-kind: auth-authentication

SubPath            Method  Template                   Description
index (/)          GET     authenticate/get.vm        The index (/) contains the authentication form
index (/)          POST    authenticate/get.vm        The index (/) contains the authentication form
forgot-account-id  GET     forgot-account-id/get.vm
forgot-account-id  POST    forgot-account-id/post.vm
forgot-password    GET     reset-password/get.vm
forgot-password    POST    reset-password/post.vm

Endpoint-kind: auth-registration

SubPath            Method  Template                   Description
index (/)          GET     create-account/get.vm      The index (/) contains the authentication form
index (/)          POST    create-account/post.vm     The index (/) contains the authentication form

Endpoint-kind: auth-anonymous

SubPath            Method  Template                   Description
set-password       GET     set-password/get.vm
set-password       POST    set-password/post.vm

Validation Scripts

The HTML Forms authenticator supports Validation Procedures. These can be configured on all of the listed SubPaths. For more information on Validation Procedures, see the Validation section.

Automatic Login

When enabled, automatic login is available after successfully completing one of the following operations:

  • Account activation.
  • Account activation with mandatory password definition.
  • Account registration, when activation is not required.
  • Setting a new password, after a password recovery flow.

Configuration

The configuration specific to the HTML Forms Authenticator consists of the Account Manager, the Credential Manager and the Validation Procedure. The HTML Forms Authenticator supports full user management if the selected Account Manager allows for it.

See the configuration guide for details on the parameters of Authenticators and of the Html Form Authenticator.

Configuration Example

<authenticator>
        <id>htmlForms1</id>
        <description>Username authentication</description>
        <template-area>html1</template-area>
        <html-form xmlns="https://curity.se/ns/conf/authenticators/html-form">
                <account-manager>SqlAccountManager</account-manager>
                <credential-manager>DefaultCredentialManager</credential-manager>
                <procedures>
                        <validation>
                                <request-subpath>forgot-password</request-subpath>
                                <endpoint>authenticate1</endpoint>
                                <http-method>post</http-method>
                                <validation-procedure>forgotPasswordValidator</validation-procedure>
                        </validation>
                        <validation>
                                <request-subpath>index</request-subpath>
                                <endpoint>register1</endpoint>
                                <http-method>post</http-method>
                                <validation-procedure>accountRegistrationValidator</validation-procedure>
                        </validation>
                </procedures>
        </html-form>
</authenticator>