Close popover
Anurag Nedunuri (anuragn4)
Ruletronics Systems Limited
Pega Senior System Architect
Ruletronics Systems Limited
anuragn4 Member since 2017 3 posts
Ruletronics Systems Limited
Posted: January 27, 2020
Last activity: January 28, 2020

Fail error during Single Sign On using built on application

We have a SSO implementation using custom authentication activity. The requestor type is mapped to an unauthenticated access group with PegaRULES:Guest-Maximum as user role. The AG is mapped to an application A whose rule sets have the authentication service and the authentication activity. The authentication activity invokes a connect-http service which is also in rulesets belonging to application A.

Due to some changes, we have created an other application B and added application A as built on to B. Now, we are referring B in the earlier mentioned Unauthenticated AG. We are seeing error during the execution of the connect-http service. I error we see is:

Only authenticated client may start this activity: RULE-OBJ-ACTIVITY RULE-OBJ-REPORT-DEFINITION PXRETRIEVEREPORTDATA #20160614T132614.161 GMT ReqID=HF4B40208D8E3C8E194ABCD195572BF74 Error: You lack access required to execute RULE-OBJ-ACTIVITY RULE-OBJ-REPORT-DEFINITION PXRETRIEVEREPORTDATA #20160614T132614.161 GMT.

This error does not happen when we directly map application A to the unauthenticated AG. I can understand that PegaRULES:Guest-Maximum does not have access to the class Rule-Obj-Reportdefinition and hence I can see this error. However, Can some one help with this issue to understand why Pega is trying to run a RD when application B is mapped and used as built - on to A.

Attached log for further information

***Edited by Moderator Marissa to update platform capability tags****

Pega Platform Security
Moderation Team has archived post