User records control access to the system. Before the Triangular system will allow access to the Data Objects stored on the server the User must login to the system.
Refer to the User Record Format to learn how they are stored on the server.
The User records contains a set of property values (key/value pairs). The reserved keys are described in the next section. The remainder are custom properties available to the application with the servSess#getProfile function.
The page UserID Recovery contains procedures to restore a lost User ID or password.
When a server Datastore is first formatted a SuperUser is created whose key is '././userid' where userid is the SuperUser ID.
The password property contains the encrypted token value for the SuperUser.
The SuperUser is used to create the initial AdminUser for an application.
Assuming the Datastore is primed the link SuperUser Login will take you to the SuperUser login screen.
When an application is built at least one AdminUser record is created with the 'admin' role specified. The password associated with it should be kept secure because the Admin User has unconstrained access to the application.
The Admin Application is used to create more User records for the application.
The presence of an AdminUser means that an application id exists.
Assuming the Datastore is primed the link SuperUser Login will take you to the SuperUser login screen. Once logged in a list of available AdminUser IDs for each application will be displayed. The link shown on the list can be used to sign in as an AdminUser.
Alternately the link /apps/tri/Admin.htm?cust=XXX can be used where XXX is the application ID for the required AdminUser.
autolog:Defines the timeout period for a User which is monitored in
servSess. A value of 0 disables the inactivity timeout.
Otherwise it is the number of seconds of inactivity before the timeout occurs. If not specified a value of 300 (5 minutes) is implied.
password:Contains the encrypted password (A numeric integer). When a User issues a
servGAE.changePassword function the value stored is the actual value until the first actual
login. For this reason the password field must contain an alphabetic character to differentiate between
the encrypted and unencrypted value,
role:A string containing ',' separated values. Each value represents a role. The value 'admin'
is reserved and indicates the User has administrator privileges. The remainder are application defined.
They may be tested once a User is logged in with the function
servSess#isRole
sandbox:A value of true causes Sandbox Mode to be activated.
token:During
the login process the token is stored in the User record (as well as stored in a server side cache).
This allows a session to be reconstructed if a client-side token value is found to contain the same value as the server-side token. This value is maintained by the server.