Discussion
4
Replies
3276
Views
Posted: July 19, 2015
Last activity: April 18, 2016
Closed
RuntimeServletName and SecureServletName
Hi,
I was going through the Authentication PDF and got the following questions.
- What is the purpose of RuntimeServletName parameter when AuthenticationType is PRCustom? Can I give any arbitrary string as the value for this? Is it mandatory to pass this init param?
- While using SSL, how the SecureServletName parameter is being used? From the servlet-mapping, we are calling the same servlet both for SSL and Non-SSL. How the servlet class is diffeerentiating the SSL and Non-SSL and how the SecureServletName parameter is being utilized from within the servlet? Can the value of SecureServletName parameter be any arbitrary string?
Thanks in advance.
Tough Question. Firstly, I am not 100% sure but my thoughts are inline :
A) I remember the init param values for RuntimeServletName and SecureServletName are mandatory. b) The param values must match the to the url pattern defined in the servlet mapping.
this part of the document suggests the same :
"the RuntimeServletName and SecureServletName input parameters must identify two different valid servlet mappings (defined in theweb.xml file)"
I think the second question, you might have to revisit web.xml. In servlet mapping, we define both SecureServletName and RuntimeServletName.
EX :
<servlet>
<servlet-name>WebStandardSecureLogin</servlet-name>
<display-name>WebStandardSecureLogin</display-name>
<description>Starting standard interface to PegaRULES, using HTTPS for authentication *only*</description>
<servlet-class>com.pega.pegarules.internal.web.servlet.WebStandardBoot</servlet-class>
<init-param>
<param-name>PegaEtierClass</param-name>
<!-- COMPONENTS: This was previously com.pega.pegarules.services.HttpAPI -->
<param-value>com.pega.pegarules.session.internal.engineinterface.service.HttpAPI</param-value>
</init-param>
<init-param>
<param-name>AuthenticationType</param-name>
<param-value>PRSecuredBasic</param-value>
</init-param>
<init-param>
<param-name>RuntimeServletName</param-name>
<param-value>PRServletProtected</param-value>
</init-param>
<init-param>
<param-name>SecureServletName</param-name>
<param-value>PRServletProtectedAuth</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>WebStandardSecureLogin</servlet-name>
<url-pattern>/PRServletProtected</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WebStandardSecureLogin</servlet-name>
<url-pattern>/PRServletProtected/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WebStandardSecureLogin</servlet-name>
<url-pattern>/PRServletProtectedAuth</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WebStandardSecureLogin</servlet-name>
<url-pattern>/PRServletProtectedAuth/*</url-pattern>
</servlet-mapping>