CallAPI utility for Windows running without a correct password ?

Discussion created by Tran-Hoang_Hau_348 on Jan 13, 2017
This question has been asked so far.

Currently we are using the CallAPI to connect to UC4 and activate objects. The developer is sending the LOGON command specifying the "Client", "User", "Password". The user logs on to UC4 and performs the activation, but here is the problem. We have found out that they can enter any invalid password for the user and the connection/login is still successful? I is not validating the password being passed in the CallAPI logon command ??
 Please advise why this behavior and how can we make sure that the password is being checked/validated. I have an audit issue with this and need to resolve this


The Window callAPI can be used without the password verification if we set automatic logon, if we want AE system verify the password again, please remove all the setup in variable "UC_USER_LOGON" which can be found in client 0.
Please follow this link below for more information how it work


For the set up of UC_USER_LOGON, please follow this link below