Smile CDR v2022.11.PRE
On this page:

14.4Local Inbound Security Module


The Local Inbound Security module stores user accounts locally in Smile CDR's administrative database. When using this module, Smile CDR acts as a completely self-contained CDR and User Management system. This can be useful when deploying Smile CDR in circumstances where no existing user database or identity management platform is present.

By default Smile CDR creates a Local Inbound Security module, and seeds it with a single administrative user named admin. You may use the Web Admin Console or the JSON Admin API to create and modify users.

14.4.1Configuration: Credentials


When storing usernames in the database, the module can optionally normalize them so that checks will be case insensitive. This is disabled by default, and it can be enabled by setting Username Case Sensitive to true.

When storing passwords in the database, the module can optionally normalize them so that checks will be case insensitive. This is enabled by default, and it can be disabled by setting Password Case Sensitive to false.

Passwords will be stored in the database using a salted hash, and the salt is randomly generated for each individual password. By default the hashing algorithm used is a 10-round bcrypt. This can be changed by modifying the Password Encoding Scheme value.



One important thing to note when updating user accounts is that the system caches user credential hashes for a short period of time in order to improve performance. Any changes to a user account (i.e. changing a password, modifying the user's permissions, etc.) may take a few seconds to propagate across the cluster.

14.4.3User Self Registration


This module can optionally be configured to allow users to self-register. Self registration is available via the SMART Outbound Security module when it is paired with the Local Inbound Security module.

To enable self registration, the Self Registration Enabled setting must be enabled. In addition, a callback script must be supplied using the User Self Registration Script properties.

Hide the SignUp Button

The user can provide a list of comma separated URLs that will hide the SignUp button on the Login page when the referer URL of the Login page is in the list.

A place where this feature can be useful for App Gallery setup. For example, http://localhost:19300/console/ can be provided in this field to disable user registration for the App Gallery Admin Console.

Function: onUserSelfRegistrationRequest

This function is called when a user requests a self-registration. It is used to generate an account for the new user.


  • theInputUser – This object will be populated with the details as supplied by the user who filled out the self registration form. Object is of type UserDetails. At this time, the following properties are populated:

    • Username
    • Family Name
    • Given Name
    • Email Address
  • theOutputUser – This object should be populated by the script with the actual details that should be stored in the created user object. Any properties except for the username and password need to be explicitly copied from theInputUser to theOutputUser by the script. Object is of type UserDetails.


function onUserSelfRegistrationRequest(theInputUser, theOutputUser) {

    // Copy standard demographics
    theOutputUser.familyName = theInputUser.familyName;
    theOutputUser.givenName = theInputUser.givenName; =;

    // Add any permissions you want the user to have by default
    // in a newly created account. Be very careful not to 
    // assign permissions that would be inappropriate for a new
    // user to have!