Skip to main content

ZAuthenticate

Here is an example of a very simple ZAUTHENTICATE routine:

ZAUTHENTICATE(ServiceName,Namespace,Username,Password,Properties) PUBLIC {
 #include %occErrors
 set $ZTrap="Error"
 set Name=$ZConvert(Username,"U")
 set Name=$piece(Username,"@",1)
 set UserRecord=$get(^MYUSERS(Name))
 if (UserRecord="")
 {
 quit $SYSTEM.Status.Error($$$UserDoesNotExist,Username)
 }
 if ($SYSTEM.Encryption.SHA1Hash(Password)'= $List(UserRecord,1)) 
 {
 quit $SYSTEM.Status.Error($$$UserInvalidPassword)
 }
 set Properties("FullName")=$piece(UserRecord,",",2)
 set Properties("Comment")=""
 set Properties("Roles")="%All"
 set Properties("NameSpace")=Namespace
 set Properties("Routine")=""
 set Properties("Password")=Password
 set Properties("Username")=Name
 quit $SYSTEM.Status.OK()
Error
 set $ZTrap=""
 quit $SYSTEM.Status.Error(5002 /*$$$ObjectScriptError*/,$ZError)
}
        
Copy code to clipboard

The code does the following:

  • Searches MYUSERS for the user name entered by the user.

  • If MYUSERS contains the entered user name, it retrieves the user's information and continues. If not the routine quits with an error.

  • It compares the password value stored in MYUSERS with the password entered by the user. Note that the password is hashed before being stored. If the values match, then the routine continues. If not, the routine quits with an error.

  • For valid users, it stores user information into the Properties array. InterSystems IRIS retrieves the information from the array. You can view it in the Management Portal.

FeedbackOpens in a new window