How to block a service call (SOAP/REST) via a DSS setting?
We have multiple SOAP and REST service in our Pega application. The services are being invoked by some other Pega and non-Pega applications. We would like to build a solution by which based on some setting on/off, we can block/allow the service call to our application.
Ex- We will have a DSS as 'EnableService' set as false. So when the DSS value is false, whoever is invoking the service(s), should get get fail message irrespective of the request parameters.
When the value is set as true, the request should be reached to the corresponding service and do the operation as coded.
Any help how we can build a solution to handle this requirement?
***Edited by Moderator Marissa to update platform capability tags****
In the step-1 of the activity, check for value of DSS--if it is true, normal process should continue.Else, jump to last step, where you can set the customized error message to appropriate fields in response.
Also make sure, this step should not execute in normal process.
Thanks for you reply. But this will not be a generic solution. If an application has 10+ services, we need to changes in 10+ rules and for any future services, we need to implement the same changes again. We would like to build a generic solution so that that one solution handles requests for n number of current and future services.
This kind of question may be more suitable for a senior system architect. It sounds like you need to do something at the servlet level - namely PRRestService and PRSOAPServlet. For example, from the help files - "The PRSOAPServlet servlet routes the request to the appropriate SOAP service package and rule." You would need to modify this dispatch process to recognize some sort of "Service Down" flag.
I suppose you could also write your own SOAPServlet that would forward the request to PRSOAPServlet unless service is down.
Clients could then access your custom servlet in the URL.
Our requirement is to block all SOAP/REST calls based on some configuration settings. Can you please refer to some PDN articles on how we can implement the solution or suggest to raise a Pega SR to engage a Pega SME so that we can get detailed instruction on the implementation.
We thought about introducing the authentication activity at Servlet level (by changing in web.xml file) but was not successful. So, we need some Pega SME to help not that via this forum or via a new Pega SR.