How to validate the user entered details based on data present in database

Can anyone help me validate the fields entered in the form against the details that already exist in the database?

For example, if the entered details and the existing details match, then some functionality needs to be performed.


  • My first question is what are you trying to achieve? If you have data about anything (a User in your example) and you want to validate fields being entered about that data, why aren't you simply retrieving the data you already have, rather than having someone enter the same data and then checking if it's correct? What's the Use Case here?

  • Actually, I have created a user management application in Appian, and in it I have created a registration page that stores the values of the registered users in a database. Now I have created a login page also. My problem is that I have username and password fields on the login page; when values are entered in those fields, they should be compared with those in the registered database table. If the entered values are equal to the values in the database, the user should be logged in and redirected to another page; otherwise an error should be thrown.

  • So now my next question is: why are you replicating a User Authentication capability that already exists within Appian? 

  • Because I need a separate registration and login interface for my application

  • 0
    Certified Lead Developer

    The very simplest thing to do is create a key table.  It has a primary key, a username, a password (hashed), and maybe an email.

    You would write a queryEntity that amounts to SELECT "password" FROM "Keytable" WHERE "username" = ri!username  (get the password next to the username they typed)

    If it returns null, you know the username is invalid.  Tell the user their username or password is invalid (don't volunteer information to a hacker).  If it's not null, use the exact() function to see if the returned password matches the one queried from the database.  Of course you would never store a password in plain text, so you first hash whatever they type for password, then compare that using exact() function with what you returned from the DB, which is the hash of the real password.  If they match, let them in.  If they don't, tell the user their username or password is invalid.

    By putting email on the table next to username and password, you can implement lost password functionality.  When they type a username, query database for adjacent email, then send an email link to that email, or tell them username is invalid if it returns a null.

    This is an extremely minimalist solution, and will provide you very, very little in the way of security.  I provide it more as a "hello world!" of user authentication to help you understand how it fundamentally works.  I strongly recommend that you DO NOT attempt to do this on your own, home brewing user authentication with a paragraph description from Appian Community if you're going to store any personally identifiable information or health data, or perform any form of financial transactions, or store any trade secrets or potentially damaging information.  With that level of security, if it's worth hacking you, you WILL get hacked.

    What Appian provides out of the box is far more secure than anything I could even build with months of effort and research.  You should use the tools Appian provided, use third party tools made by security experts in place of those tools, or you owe it to your client to explain how much security they lose demanding a custom interface.
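
The lookup-then-compare flow from the answer above, as an added Python example that is not part of the original post and is not Appian code. Assumptions: an in-memory SQLite table stands in for the key table, the column and function names are hypothetical, and a per-user salted PBKDF2 hash with a constant-time comparison is swapped in for the plain hash and `exact()` the answer mentions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this demo; tune upward in production
GENERIC_ERROR = "Invalid username or password"  # same text for both failure cases

def _hash(password: str, salt: bytes) -> bytes:
    """Slow, salted hash so a leaked table is expensive to brute-force."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

# Throwaway salt/hash checked when the username does not exist, so the
# unknown-user path does the same work as the wrong-password path.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("dummy", _DUMMY_SALT)

def make_keytable() -> sqlite3.Connection:
    """Key table: primary key, username, salt, password hash, email (hypothetical names)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE keytable (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL,"
        " salt BLOB NOT NULL, password_hash BLOB NOT NULL, email TEXT)"
    )
    return db

def register(db: sqlite3.Connection, username: str, password: str, email: str = "") -> None:
    salt = os.urandom(16)  # fresh salt per user; only salt and hash are stored
    db.execute(
        "INSERT INTO keytable (username, salt, password_hash, email) VALUES (?, ?, ?, ?)",
        (username, salt, _hash(password, salt), email),
    )

def login(db: sqlite3.Connection, username: str, password: str) -> tuple:
    # Parameterized query: the typed username is never concatenated into SQL.
    row = db.execute(
        "SELECT salt, password_hash FROM keytable WHERE username = ?", (username,)
    ).fetchone()
    salt, stored = row if row else (_DUMMY_SALT, _DUMMY_HASH)
    # Always hash and compare in constant time, then require that the user exists.
    matches = hmac.compare_digest(_hash(password, salt), stored)
    ok = matches and row is not None
    return (True, "") if ok else (False, GENERIC_ERROR)

if __name__ == "__main__":
    db = make_keytable()
    register(db, "alice", "correct horse", "alice@example.com")  # constructed sample user
    print(login(db, "alice", "correct horse"))
    print(login(db, "alice", "wrong"))
    print(login(db, "nobody", "whatever"))
```
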

  • 0
    Certified Lead Developer
    in reply to jahnavis0001

    Why would a user need to log in for your application when they've already been authenticated by Appian login?  At this point the normal design is to simply expose to them any application(s) they're eligible to see - all information that should be tracked inside Appian already.

  • 0
    Certified Lead Developer

    What you can do is create a very simple web API on your Appian environment and, on the same environment, create an integration pointing to that very API. In that integration you can take the username and password as rule inputs. This way, by calling that integration with a given username and password, you can validate whether the authorization was successful. Hope that solves your use case.

    Note: In this method, you cannot use encrypted text field as you will not be able to send password in encrypted format to the integration. Instead you can simply set masked: true in the text field itself.