Have you considered allowing guest access, assuming it is available?
If your system were on premise, you could build a servlet between your form and it which could take care of login as any available from a set of temporary accounts you'd prepare to use in these cases; not sure how BMC would interpret use of such "floating" accounts, though, or if it is feasible in on cloud system.
1 of 1 people found this helpful
In the AR System you can set up the server to allow guest access; however I don't know many customers who do that. I don't know about Innovation Studio.
Having a form on your website where info is entered and then sent to the system is probably best for anonymous users.
4 of 4 people found this helpful
as far as Helix Platform is considered, to give anonymous access, one can create record definition, give Public group visibility to Record definition and select "Allow anyone to submit" for required fields but when we consider "Helix Solution Stack" and not only platform, the solution stack comes with RSSO enabled and I think RSSO does not allow to login as Guest user.
2 of 2 people found this helpful
I had this requirement for an application. In my case I could not really rely on "guest" access since it might collide with an existing user or it might not be enabled.
Moreover I did not like to see the warning message "login failed, but you are logged in as guest".
What I ended up doing is creating a "system" account, actually a regular user with a specific role / functional role (call it "anonymous") that had a set of credentials like "anonymous/anonymous" that all users could use.
I then created specific views for their access and added the permissions to those views / record definitions etc...
This way when users log in with this "anonymous" account they only have access or to public views, or to the views matching the permissions from the "anonymous" account.
Then you have the login part, to my knowledge there is no auto login feature.
Cheating spoiler :
Since I am working at bmc I cheated a bit at this point and I modified the login page to enable an "auto login" with those anonymous credentials, I showcased this at the BMC Helix Immersion Days last year, here is the part of the presentation where I show our use case:
That is very similar to what I built on AR System when I built the auto-registration / password reset process for the WWRUG app back in 2012. Although in that case I was able to automatically login to the system (function-specific user credentials were embedded in a custom .jsp page) as well as I was able to modify login.jsp to make my adjustments (no need for source code).
I really like the concept of having a function-specific service account vs. a guest account. With a guest account you need to open up your permissions and make everything required by the process accessible to unauthenticated users. With an "anonymous" account you are able to still structure access and permissions around what that account needs and even create measures to notify you and/or disable the account if it is used in a way you do not intend. Fortunately for me, nobody hacked the WWRUG system well enough to trigger the account disable workflow
I did hack in and gain admin access to your server though
Well... that was a system "feature" you discovered and not something in the app I built (and why you didn't trigger my trap). Any AR Server could have this "feature" exposed.
Where would that servlet be deployed? Mid Tier? I'm looking mostly for an Innovation Suite based solution, but maybe I'm missing something?
Can you PM me some of the details? I think I could also use a bit of cheating at this point, as this initiative is in demo stages.
Using a Web Form is definetly an option.
How did you handle concurrency issues? First example from Adi's description (registration using Self Service) would most likely often cause an error unless a large enough pool of visitor's accounts were available.
I did point out on premise (and was thinking in context of web services), but it was similar to Anne's suggestion -- new access form (hosted on your webpage?) for first time visitors which handles login as first available from a pool of premade accounts whose access, as Laurent describes below, is limited to viewing public data and possibly submitting initial data which they may keep access to only until logout since the next person to login with the same visitor's account probably won't be the one who generated that data and seamlessly redirects them to Helix once connection is established.
2 of 2 people found this helpful
Are you talking about auto login feature? If so it involves code change in the product so you cannot do it (I could because I have access to the source code)
You can create a specific user (people) with a specific role and give this user to your users to login with but the auto login part you cannot achieve it sadly.
One other solution would be to have a form hosted on a Tomcat or Apache http and conversing to Innovation Suite using Rest Apis for example.
Your code in php (or Java, nodeJs whatever) could communicate with IS (getting jwt token with the login command, then simply doing requests to check if a user exists / create a user / trigger a process etc...).
Well I guess it is the same problem with every vendors if you create an account.
In my case it is a process that is in charge of creating the account. If the account / email already exists there is an error.
If you are talking for visitors, it is one technical account that is used, so one visitor account is used for everyone.