WebService Authentication

I have a conceptual problem in undertandiung the login process. Here's the situation, I have a WSDL that I need to use for authentication and webservices calls. The login webservice (with plain text username and password in the body of the call) which returns me a boolean AND a sessionId. This sessionID needs to be part of all the other calls I make afterward. That being said,How do I do this when in production? Does the Mendix login input form that usually show up can give me that? Can I get the info from that page and call a microflow for the login call? Do I have to somehow create a new login page? If so how do I make this available if they are not signed-in? Use an anonymous user? Also the users will not exist in Mendix originally AND they need to be validated everytime to the backend system. I was thinking of creating/updating them once they are allowed in? There is also the problem of the sessionID which I need to store for the duration of the session. I was thinking of extending the Syste. User entites to store that. Any ideas? Thank you.
2 answers

Custom login action is the solution is I guess. Hence please take a look into the Kerberos/LDAP modules available in the app store. they might give you an idea, how to implement the same.


If I understand correctly you want to make a kind of Single Sign On proces where a webservice creates a token for a user so that this token can be used to log the user in?

This can be done with the deeplink widget from the appstore. First create a webservice that creates the token that is serviced to the external system and then they can use this token to create a URL that can be handled by the deeplink (retrieve the user and show the correct page).

But may be I misunderstood the question.



[EDIT after comment] If a user does not exist (yet) create a new user and assign the token to this user. Then use the deeplink to the create new user page if the token is used by a user to log in to Mendix. There he can update his credentials like email adres so his login details can be sent to him.