Question

3
Replies
1545
Views
KarthikeyanR2740 Member since 2015 13 posts
Kaiser Permanente
Posted: 2 years ago
Last activity: 2 years 1 month ago
Closed

Customize Error Message during Pega basic login (non-SSO)

Currently when I login to pega using my user ID and password, Pega will throw the error message "The information you entered was not recognized." if I type incorrect user name or password.

I need to customize this error message as per requirement. As per my research, there is code in web-login.html which calls an activity Code-Security.Login which seems to handle the authentication and throw the error message.

<div id="submit_row">
<button id='sub' class="loginButton" name="pyActivity=Code-Security.Login" type="submit" onClick="removeErrorMessage();" >
<span class="loginButtonText" ><pega:lookup property="pxRequestor.pyButtonLabel"
However I could not find the activity Code-Security.Login. The activity is not present in this class. Please see attached screenshots
I checked DSS settings as well. This error message is not part of DSS Settings.
Can someone please guide me on how to customize this error message (basic PRPC login)?
***Updated by moderator: Lochan to update platform capability***
Low-Code App Development Dev/Designer Studio Security System Administration
Close popover
Moderation Team has archived post
Posted: 2 years ago

Hi,


I haven't attempted this personally, but have a couple of thoughts on how you might be able to dig a little deeper. 


When a browser hits the login screen for a Pega environment, it creates a requestor that you can attach a tracer session to.  You could try capturing a trace of a failed login attempt and seeing which activities (and other rules) are run.


Additionally, you could try running a rule content search (you'll have to be on an indexed system) to see if you can find the text for the message that is displayed on the screen.


Hope this helps!


-Kurt

Posted: 2 years ago

Thanks for your reply. I tried both the options already with no luck


1. I am able to remote trace the session with all events and rulesets checked. However the Code-Security.Login activity was not captured in the tracer. So, I could not find where exactly the error is coming from


2. I tried content search for the error message. I also checked in DSS, Field values. I could not figure out any rule reference where it might have been triggered. I changed some java scripts which contained this exact error message with custom error message (Ex., py-login-offline-browser-base). But portal is not picking up. So, it is code somewhere else.

Posted: 2 years ago

I actually did all the digging, and unfortunately the message is hard-coded into the Engine class com.pega.pegarules.session.internal.mgmt.authentication;


The string is here:  public static final String INFORMATION_NOT_RECOGNIZED = "The information you entered was not recognized.";


I confirmed this was the class outputting the message by enabling DEBUG for the class, entering an invalid password for administrator@pega.com and saw the messages:


2018-07-26 12:32:08,450 [http-apr-7930-exec-6] [ STANDARD] [ ] [ PegaRULES:07.10] (.authentication.Authentication) DEBUG vref0731pg|10.2.45.55 - Trying to validate the input credentials for User : administrator@pega.com  2018-07-26 12:32:08,453 [http-apr-7930-exec-6] [ STANDARD] [ ] [ PegaRULES:07.10] (.authentication.Authentication) DEBUG vref0731pg|10.2.45.55 - Operator administrator@pega.com is not locked  2018-07-26 12:32:08,454 [http-apr-7930-exec-6] [ STANDARD] [ ] [ PegaRULES:07.10] (.authentication.Authentication) DEBUG vref0731pg|10.2.45.55 - The information you entered was not recognized. 


SO I am afraid that you are out of luck :(  You can enter an enhancement request, but there is currently (I did this in 7.3.1) no way to customize this message.
Share this page LinkedIn
Copied!