Configure a pre-login process for Identity Manager Operator

This article describes how to configure a pre-login process for Identity Manager Operator. A pre-login process can be executed from the login page without being signed in. For example, this is useful when you need to reset a password for an account.

Configure pre-login process

The process itself can be an ordinary BPMN process, but with one limitation: forms on the start task are not supported for pre-login. However, it is recommended to configure at least one user task in the pre-login process.

To make a process visible on the Identity Manager Operator login page:

1. In Identity Manager Admin, go to Home > Process Import.

2. Select a process ('MYPreLoginOperator' in the example below), and double-click to open it. 

3. Go to the Permissions tab.

   1. Select Start process, and add the 'loginProcessUser' to be able to start this process in Identity Manager Operator.

      

      There is a preconfigured internal user in Identity Manager called  'loginProcessUser', which is responsible for the visibility of pre-login processes in Identity Manager Operator. All user tasks that should be executed in the pre-login mode must be assigned to that user (or corresponding role). See Home > User Administration in Identity Manager Admin, see also Set permissions from Identity Manager users or roles.

4. Click Save.

Configure prelogin-beans.xml

1. Add a new spring bean called "pre-login-beans.xml " and put it in the spring folder of your docker-configuration. See Add custom spring beans in Identity Manager for more information.

2. Add the following information in pre-login-beans.xml:

   Example: pre-login-beans.xml

   CODE

   <?xml version="1.0" encoding="UTF-8"?>
   <beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
           http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd">
   <bean name="preLoginProcessManager" class="de.vps.act.frontend.workplace.prelogin.PreLoginProcessManager" scope="prototype" parent="abstractLoginController">
      <property name="preLoginProcesses">
           <util:list value-type="java.lang.String">
               <value>MYPreLoginOperator</value>
           </util:list>
       </property>
       <property name="mappedProcessDAO" ref="preLoginProcessMappedProcessDAO"/>
       <property name="processDeploymentHandler" ref="processDeploymentHandler" />
   </bean>
   </beans>

   

   'MYPreLoginOperator' is the symbolic name of the BPMN process to be executed, and therefore it needs to be replaced with the respective name of the customer configuration.

3. Restart Identity Manager Operator.

4. The process will now be displayed on the Identity Manager Operator login page.

Additional information