Discussion

4
Replies
3256
Views
AnirvanD Member since 2015 4 posts
Virtusa Consulting Services Pvt. Ltd.
Posted: 5 years ago
Last activity: 4 years 5 months ago
Closed

RuntimeServletName and SecureServletName

Hi,

I was going through the Authentication PDF and got the following questions.

  1. What is the purpose of RuntimeServletName parameter when AuthenticationType is PRCustom? Can I give any arbitrary string as the value for this? Is it mandatory to pass this init param?
  2. While using SSL, how the SecureServletName parameter is being used? From the servlet-mapping, we are calling the same servlet both for SSL and Non-SSL. How the servlet class is  diffeerentiating the SSL and Non-SSL and how the SecureServletName parameter is being utilized from within the servlet? Can the value of SecureServletName parameter be any arbitrary string?

Thanks in advance.

Security
Close popover
Moderation Team has archived post
Posted: 5 years ago

Tough Question. Firstly,  I am not 100% sure but my thoughts are inline :


 


A) I remember the init param values for RuntimeServletName and SecureServletName are mandatory. b) The param values must match the to the url pattern defined in the servlet mapping.


 


this part of the document suggests the same :


"the RuntimeServletName and SecureServletName input parameters must identify two different valid servlet mappings (defined in theweb.xml file)"


 


I think the second question, you might have to revisit web.xml. In servlet mapping, we define both SecureServletName and RuntimeServletName.


 


EX :


    <servlet>

        <servlet-name>WebStandardSecureLogin</servlet-name>

        <display-name>WebStandardSecureLogin</display-name>

        <description>Starting standard interface to PegaRULES, using HTTPS for authentication *only*</description>

        <servlet-class>com.pega.pegarules.internal.web.servlet.WebStandardBoot</servlet-class>

        <init-param>

            <param-name>PegaEtierClass</param-name>

            <!--  COMPONENTS: This was previously com.pega.pegarules.services.HttpAPI -->

            <param-value>com.pega.pegarules.session.internal.engineinterface.service.HttpAPI</param-value>

         </init-param>

        <init-param>

            <param-name>AuthenticationType</param-name>

            <param-value>PRSecuredBasic</param-value>

        </init-param>

        <init-param>

            <param-name>RuntimeServletName</param-name>

            <param-value>PRServletProtected</param-value>

        </init-param>

        <init-param>

            <param-name>SecureServletName</param-name>

            <param-value>PRServletProtectedAuth</param-value>

        </init-param>

    </servlet>


 


 


    <servlet-mapping>

        <servlet-name>WebStandardSecureLogin</servlet-name>

        <url-pattern>/PRServletProtected</url-pattern>

    </servlet-mapping>

    <servlet-mapping>

        <servlet-name>WebStandardSecureLogin</servlet-name>

        <url-pattern>/PRServletProtected/*</url-pattern>

    </servlet-mapping>

    <servlet-mapping>

        <servlet-name>WebStandardSecureLogin</servlet-name>

        <url-pattern>/PRServletProtectedAuth</url-pattern>

    </servlet-mapping>

    <servlet-mapping>

        <servlet-name>WebStandardSecureLogin</servlet-name>

        <url-pattern>/PRServletProtectedAuth/*</url-pattern>

    </servlet-mapping>


 

Posted: 4 years ago

Hi i am Raghavendra


               i have dought in rdb list method  any one explain pls help with example

Posted: 4 years ago

hi


        i have dought how to create login page in pega give me with example


 
Share this page LinkedIn
Copied!