Hi,

Please check out the excellent new Pega API in 7.1.8. This feature allows you to utilize built-in Pega services to create work objects and perform other routine activities. While basic authentication is provided by default, custom authentication can also be used.

thanks David for the response, unfortunately we are not on 7.1.8, i will check the feasibility of upgrading in the back end.

Here the consumers are not ready to change  their calling protocol, so i have to stick to SOAP only.  I need to build a generic Service that will create work case for any PRPC work pool on that instance like the federated case management concept. 

I believe Basic authentication , will execute the incoming requestor in the context of passed operator ID. 

is the below header acceptable by PEGA  ?

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:urn="urn:PegaRULES:SOAP:Services:one">

   <soap:Header>

      <urn:username>xxxx</urn:username>

      <urn:password>rules</urn:password>

   </soap:Header>

I want to enable even WS security on this service.

WS-Security is supported for SOAP services on Pega 7.1. 

The access group on the Service Package provides authorization for looking up the actual service. You need to use custom authentication / WS-Security to provide user-specific authorization which will utilize the access group for the specific Pega operators.

David,

Thanks for the solution,

As the consumers are not ready to change, i have to expose a service in PEGA with out any authentication which will take a attribute from incoming SOAP Request and get information like model user, accessgroup, default applicaiton and work pool from a Declare table and create the case for appropriate work pool. For these i have to add rulesets on the fly to current ruleset list 

Will i be able to update the current pxRequstor, pxThread to add the required rulesets on the fly ?

I have been trying to use the following in my service activity with no luck 

com.pega.pegarules.priv.authorization.PegaAuthorization auth = (com.pega.pegarules.priv.authorization.PegaAuthorization) tools.getAuthorizationHandle();
String strAccessGroup = auth.replaceAccessGroupToUse(tools, myStepPage.getString(".pyAccessGroup"));

The above code doesn't work for requestors of type App, only works for btach requstors.

com.pega.pegarules.priv.authorization.PegaAuthorization auth = (com.pega.pegarules.priv.authorization.PegaAuthorization) tools.getAuthorizationHandle();

String strAccessGroup = auth.setActiveAccessGroupToUse(tools, myStepPage.getString(".pyAccessGroup"));

i belive its not setting the provided accessgroup, because i see JAVA code executing properly 

 ** Failed to find a 'RULE-OBJ-FLOW' with the name 'TESTFLOW' that applies to 'XXXXX-Work-Test'. There were 2 rules with this name in the rulebase, but none matched this request. The 2 rules named 'TESTFLOW' defined in the rulebase are:
1 related to applies-to class 'XXXXX-Work-Test', but were defined in rulesets which are not in your rulesetlist: 'SSG:01-01-01'.
1 unrelated to applies-to class 'XXXXX-Work-Test', for example: 'PegaPDFS-Work-testCasetype'.


Current RulesetList:

{bunch of rulesets for the Service requestor }

1) Where is the Current RulesetList picked up from  pxRequestor or pxThread

2) will we able to update that list run time ?

Any thoughts ? appreciate your help

Thanks

Naveen

Found a way...! this should do it 

ClipboardProperty ruleSetCp;

ruleSetCp =  tools.findPage("TempAppPage").getProperty("pyRuleSetList");

int aAction = tools.getAuthorizationHandle().UPDATE_REPLACE;

try 

 {

    final com.pega.pegarules.priv.authorization.PegaAuthorization authorization = (com.pega.pegarules.priv.authorization.PegaAuthorization)tools.getThread().getAuthorization();

boolean status = authorization.setRuleSets(tools, aAction, ruleSetCp);

oLog.infoForced("Rulesets update : " + status);    

 } 

catch (PRSecurityException prsEx) {}

Please comment if there any other thoughts...!