That MD5 hash is there to protect your users. Do you need a cleartext password in the SAP script for a custom authentication scheme?

Yes, I do. It was needed to authenticate the AD user.

mind to share with me, twheeler?

Thanks

Hi Chun,

We have ticket open with Development regarding this. The issue is that v7.6 allowed you to modify the DOM of the login page so you could add your own custom fields (such as a clear text password). Those fields would then be available in the SAP script by querying the DOM under ework.FieldInputList[].

v9.x seemingly does not expose the FieldInputList[] to you in the same way so your SAP script only has access to the username and password fields. The password field is hashed by default which makes LDAP authentication impossible (since it requires a cleartext password).

** This post has been edited because the workaround previously described results in unintended behavior **

The defect has been identified and will be corrected in a future release. The option to send the unhashed password from login page to SAP script will be provided.

Hi,

Has anyone the right syntax using ework.LDAPSearch function for SAP authentication to ActiveDirectory ?

thanks, regards

Juan

Has this been fixed as of yet?

CHRIS

Looks like this is addressed in 9.1.3.  This is taken from the 9.1.3 release notes:

"A new entry can been added to the Web Client's web.config, Administrative Tools web.config, and Deployment’s deploymentService.exe.config that determines whether the component encodes the user's password before it is sent to the BPM Engine via the ECL. This can be of use to developers creating custom SAPs that are reliant on receiving the credentials in plain text. "