Posted: 29 Jan 2020 2:59 EST Last activity: 29 Jan 2020 8:22 EST
How operator settings are modified via WEBLDAP
I was going through the Data-Admin-AuthService and trying to set up LDAP authentication. Inside the authentication activity (let's use the OOTB AuthenticationLDAPWeb) ,there is a logic to set the Operator page. But at the end of the activity this page is removed and there is no Obj-Save. So how the user settings obtained from LDAP are persisted without and explicit Obj-Save.I am interested to know the logic behind this.
I'm not an expert here, but from what I understand - when you are using "external authentication", the details of the operator are not persisted in Pega. The flow is such that for each login, the authentication is verified by LDAP and access is granted based on the response.
For example, if operator A logs in on Monday with a certain password and then logs in again on Tuesday after they've updated their password - this is unknown to Pega. In other words, the password is not validated against anything that has been persisted in Pega and the change goes "undetected".
This would explain why you're not seeing the Obj-Save being done. I will follow up on this after consulting with SME.