# Login & Logout

\[SINCE Orbeon Forms 2018.2]

## Menu

Form Runner can show a *user menu* in the navigation bar, allowing users to login, logout, and, if necessary, register. You can enable the user menu by setting the following property to `true` (its default value is `false`):

```xml
<property
    as="xs:boolean"
    name="oxf.fr.authentication.user-menu.enable"
    value="true"/>
```

When enabled, before users login, the menu contain 2 entries: "Login" and "Register", as shown in the screenshot below.

![User menu when logged out](https://4129616727-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LEkBiSDvlXs3VWiO0Zu%2F-LTTeshQo6BF9HXL4Yw6%2F-LTTf1CSWK0bF_hEaRxc%2Flogout-logout-menu-logged-out.png?generation=1544555342478885\&alt=media)

Conversely, when users are logged in, the menu will show who the user is, as well as provide a way for users to logout.

![User menu when logged in](https://4129616727-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LEkBiSDvlXs3VWiO0Zu%2F-LTTeshQo6BF9HXL4Yw6%2F-LTTf1CV0Ti-Bes23dHh%2Flogout-logout-menu-logged-in.png?generation=1544555342126247\&alt=media)

You can configure what page users will be taken to when they select "Login", "Logout", or "Register" by setting the properties below, shown here with their default value. Setting a property to the empty string disables hides the corresponding entry in the menu.

```xml
<property
    as="xs:string"
    name="oxf.fr.authentication.user-menu.uri.login"
    value="/fr/auth?source={xxf:get-request-path()}"/>
    
<property as="xs:string"
    name="oxf.fr.authentication.user-menu.uri.logout"
    value="/fr/logout"/>
    
<property as="xs:string"  
    name="oxf.fr.authentication.user-menu.uri.register"
    value=""/>
```

*NOTE: Orbeon Forms does not provide an out of the box system to create and manage users. The `register` menu is intended instead to link to your existing user management system.*

## Default login page

Form Runner comes with a simple default login page which can be used with container-based authentication.

![Default login page](https://4129616727-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LEkBiSDvlXs3VWiO0Zu%2F-LrBAm28U0yjRKw_zElQ%2F-LV4le6-ALiHUZOmFrgI%2Flogin-page.png?generation=1571088747907129\&alt=media)

## See also

* [Setup users for access control](https://doc.orbeon.com/form-runner/access-control/users) - How to setup Orbeon Forms so that users and roles are provided.
* [Access control for deployed forms](https://doc.orbeon.com/form-runner/access-control/deployed-forms) - How to control access to deployed forms.
* [Form fields](https://doc.orbeon.com/form-runner/access-control/form-fields) - How to control access to specific form fields based on the user user's roles.
* [Access control for editing forms](https://doc.orbeon.com/form-runner/access-control/editing-forms) - How to control access to Form Builder.
  * [Owner and group member permissions](https://doc.orbeon.com/form-runner/access-control/owner-group) - Access based on ownership and groups.
  * [Organization-based permissions](https://doc.orbeon.com/form-runner/access-control/organization) – Access based on organizational structure.
  * [Token-based permissions](https://doc.orbeon.com/form-runner/access-control/tokens) - Token-based permissions
* [Scenarios](https://doc.orbeon.com/form-runner/access-control/scenarios)