How to validate the user entered details based on data present in database

Can anyone help me validate the fields entered in the form against the details that already exist in the database?

For example, if the entered details and the existing details match, then some functionality needs to be performed.

    Certified Lead Developer

    The very simplest thing to do is create a key table.  It has a primary key, a username, a password (hashed), and maybe an email.

    You would write a queryEntity that amounts to SELECT "password" FROM "Keytable" WHERE "username" = ri!username  (get the password next to the username they typed)

    If it returns null, you know the username is invalid.  Tell the user their username or password is invalid (don't volunteer information to a hacker).  If it's not null, use the exact() function to see if the returned password matches the one queried from the database.  Of course you would never store a password in plain text, so you first hash whatever they type for password, then compare that using exact() function with what you returned from the DB, which is the hash of the real password.  If they match, let them in.  If they don't, tell the user their username or password is invalid.

    By putting email on the table next to username and password, you can implement lost password functionality.  When they type a username, query database for adjacent email, then send an email link to that email, or tell them username is invalid if it returns a null.

    This is an extremely minimalist solution, and will provide you very, very little in the way of security.  I provide it more as a "hello world!" of user authentication to help you understand how it fundamentally works.  I strongly recommend that you DO NOT attempt to do this on your own, home brewing user authentication with a paragraph description from Appian Community if you're going to store any personally identifiable information or health data, or perform any form of financial transactions, or store any trade secrets or potentially damaging information.  With that level of security, if it's worth hacking you, you WILL get hacked.

    What Appian provides out of the box is far more secure than anything I could even build with months of effort and research.  You should use the tools Appian provided, use third party tools made by security experts in place of those tools, or you owe it to your client to explain how much security they lose demanding a custom interface.
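
The check described in the answer above, as an added example in Python with SQLite rather than Appian expressions (it is not the poster's or Appian's code). It assumes a per-user salt column, PBKDF2-HMAC-SHA256 and a constant-time comparison in place of a bare hash and `exact()`; the function names and the iteration count are choices made for this example.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # PBKDF2 work factor (assumed setting for this example)
GENERIC_ERROR = "Invalid username or password"
# Verified when the username is unknown, so both failure paths do the same work.
DUMMY_SALT = os.urandom(16)
DUMMY_HASH = hashlib.pbkdf2_hmac("sha256", b"dummy", DUMMY_SALT, ITERATIONS)


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive the stored value from the typed password and the user's salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def open_keytable() -> sqlite3.Connection:
    """Create the key table from the post, plus a salt column (added here)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE Keytable (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL,"
        " password BLOB NOT NULL, salt BLOB NOT NULL, email TEXT)"
    )
    return db


def register(db: sqlite3.Connection, username: str, password: str, email=None) -> None:
    """Store only the salted hash, never the password itself."""
    salt = os.urandom(16)
    db.execute(
        "INSERT INTO Keytable (username, password, salt, email) VALUES (?, ?, ?, ?)",
        (username, hash_password(password, salt), salt, email),
    )


def login(db: sqlite3.Connection, username: str, password: str):
    """Return (ok, message); the message never says which field was wrong."""
    # The username is passed as a bound parameter, like ri!username in the post.
    row = db.execute(
        'SELECT "password", salt FROM Keytable WHERE username = ?', (username,)
    ).fetchone()
    stored, salt = row if row else (DUMMY_HASH, DUMMY_SALT)
    candidate = hash_password(password, salt)
    # Constant-time comparison instead of a plain equality check.
    matches = hmac.compare_digest(candidate, stored)
    if row is not None and matches:
        return True, "OK"
    return False, GENERIC_ERROR
```
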
