Monday, October 8, 2012

Switch PeopleSoft user to another user through authentication token.


In this doodle I will be explaining how to use PeopleSoft function switchUser to change profiles in PeopleSoft by using authentication token.

Below is the overview of the requirement which are trying to achieve by using PeopleSoft function switchUser:

User logs into PeopleSoft PIA by providing his/her PeopleSoft user name and password. This user will have access to a page which has a button labeled as “Switch User”. When the user clicks on this button, switch user functionality should happen (i.e.) original user (User Name: ORIGUSER) should be logged out and switched to the new user (User Name: SWITCHUSER).

We will achieve this Switch user functionality by using PeopleSoft delivered function SWITCHUSER () and GENTOKEN (). Here in my example I will be representing original user as ORIGUSER and new user as SWITCHUSER.

Below is the description of the SwitchUser function from PeopleBooks

SwitchUser(UserID,Password, AuthToken , ExtAuthInfo)

Use the SwitchUser function to change the user ID of the current user logged onto the PeopleSoft system.

UserID Specify the User ID to be started.
Password Specify the Password for this User ID.
AuthToken Specify a single signon authentication token used to authenticate the user. If you are authenticating the user by Userid and password, specify a NULL value for this parameter, that is, two quotation marks with no blank space between them (""). If you specify a token, and the token is valid, SwitchUser switches to the User ID embedded in the token. All other parameters are ignored if a token is used. This parameter takes a string value.
ExtAuthInfo Specify binary data (encoded as a base64 string) used as additional input to authenticate the user. If your application doesn't use external authentication information, specify a NULL value for this.


Below is the description of the GenToken () function from PeopleBooks:

Use the GenToken function to create an authentication token for the user currently logged in, as a string. Generally this function is used in an application engine program when an authentication token is not automatically generated. However, it can be used anytime. The token that is generated is usually passed to another process that has no token.

Below is the approach I took for achieving this requirement. If you have come across or have any other better solution please suggest and post the same. During this development I did some search but was able to collect only little information. So any information you post will be informative for PeopleSoft community.

Solution:



Create and save the authentication token for the new user (User Name: SWITCHUSER) in a custom record


Create a new application engine program to auto generate authentication token for the new user (User Name: SWITCHUSER). This application engine has to be scheduled to run through the new user (User Name: SWITCHUSER). This application engine will use the PeopleSoft delivered function GenToken () to generate the authentication token for the new user SWITCHUSER.


Place the below code in application engine action PeopleCode:

 &authtoken = GenToken ();

 Token generated should be inserted into a custom table so this token can be retrieved and used online function SwitchUser.

Design a page with Switch User  push button and build switch user logic on this button


Create a custom field Z_SWITCHUSER and included this field in a custom record Z_DERIVED_SU. Insert a push button to the page and assign the record and field name as Z_DERIVED_SU and Z_SWITCHUSER to this push button.

 In the field change of the record field Z_DERIVED_SU.Z_SWITCHUSER, have the below code logic:
Retrieve the authentication token generated by AE for the new user SWITCHUSER. This authentication token will be passed to the PeopleSoft function SwitchUser.

SwitchUser(“”,””,&AuthToken,””);

Authentication token for new user  (User Name: SWITCHUSER) is fetched from the custom record and stored in the PeopleSoft variable &AuthToken. This function will transfer the user profile to the new user SWITCHUSER.


Also I had one more requirement to land the new user in the PeopleSoft Home page. Below is the PeopleSoft logic to generate the home page URL and transfer the user to the home page. As soon as the switch user functionality transfers the user profile below logic should transfer the new user to the home page.

&url = GenerateHomepagePortalURL(Portal."EMPLOYEE", Node."PT_LOCAL", "");

%Response.RedirectURL(&url);



at

3 comments:

  1. PrasannaNovember 23, 2012 at 8:05 PM

    Hi Malar, Thanks for the share, this is very useful. i have a similar requirement using switchuser.
    I need to schedule a process(AE)with new userid from an AE switching from current user. i.e An AE will be triggered by User A and that needs to schedule another AE for a new user in run time. Eventhough Peoplebooks says that we should not user "switchuser" in AE , is there any way to achieve this? Any thoughts?

    ReplyDelete
    Replies
    1. UnknownNovember 29, 2012 at 11:00 PM

      Prasanna,

      Since you want the second AE to be called from first AE, you can do that by using UNIX command. In UNIX command trigger the second AE with the new user ID. Call this UNIX command or script from the first AE.

      Let me know whether this helps.

      Delete
  2. Shasi MalipeddiApril 20, 2015 at 4:43 PM

    Thank you for the detailed explanation for all the steps required to implement this solution.

    ReplyDelete

Subscribe to: Post Comments (Atom)