Question

5
Replies
297
Views
Close popover
Hongte Kim (kimh1)
PEGA
Sr. System Architect
Pegasystems Inc.
JP
View Profile Send Message
kimh1 Member since 2016 32 posts
PEGA
Posted: March 21, 2017
Last activity: May 8, 2017
Closed
Solved

How to use security policy on PRCustom authentication acitivity

My project use Pega cloud 2 and PRPC 7.2.

And there is a requirement to whitelist of Client IP address.
On pega cloud 2 , I can't get client IP by RemoteAddr so I need to get x-forwared-for of HTTP Header.

To achieve this I have to use PRCustom authentication activity to get x-forwared-for but it seems that PRCustom authentication activity can't use security policy.
For example, I can't use account lock, password failed penalty function of security policy.

Is there any way to use security policy functions on PRCustom authentication activity?

***Updated by moderator: Lochan to add SR details***

Low-Code App Development Security Support Case Created
Close popover
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 4 years ago
Close popover
Lochana Durgada Vijayakumar (Lochan_DV)
MOD
Lead Technical Documentation Specialist
Pegasystems Inc.
IN
View Profile Send Message

Hi Kim,


We see that your query is being addressed on an SR with Pega Support. The SR looks active and ongoing so we recommend continuing that route of investigation. Do let us know for any updates!


Thank you!

Posted: 4 years ago
Close popover
Hongte Kim (kimh1)
PEGA
Sr. System Architect
Pegasystems Inc.
JP
View Profile Send Message

Hi Lochana,


You are right, this SR is related to SR-B36429 which I ask to update server.xml by using RemoteIpValve to get RemoteAddr, but there are possibility this doesn't work well.

So I asked same query with this post on SR-B39021 and I got reply that this query is out of scope of GCS and should be posted to Product Support Community.

Posted: 4 years ago
Close popover
Lochana Durgada Vijayakumar (Lochan_DV)
MOD
Lead Technical Documentation Specialist
Pegasystems Inc.
IN
View Profile Send Message

Hi Kim,


Thank you for providing this information. Having this background helps! I will try to reach out internally to see how best to help you with your query.


Regards,

Posted: 4 years ago
Close popover
Lochana Durgada Vijayakumar (Lochan_DV)
MOD
Lead Technical Documentation Specialist
Pegasystems Inc.
IN
View Profile Send Message

Hi Kim,


I see that this is now being handled by reopening the earlier SR. We will track that through this post until resolution.


Thank you!

Accepted Solution

Posted: 3 years ago
Close popover
Bala Nagendra Babu Devaguptapu (Bala_Nagendra)
PEGA
Principal Technical Solutions Engineer
Pegasystems Inc.
IN
View Profile Send Message

Hi,


Here is the explanation for reported issue, "External authentication does not use the PRPC security policy. When a user has "External Authentication" flag set on their Data-Admin-Operator-ID record the Password stored in the same record is not used to authentication within PRPC.  For example with LDAP the password the user provided on the PRPC SSO Login page, provided by configuration in the Data-Admin-AuthService, is just passed to the LDAP server for verification. The LDAP server security policies take affect. Same with other third part security software like Siteminder, WebSEAL as these require authentication before even being allowed to access any resource on site they are protecting. These have their own security policies etc."



Please check the below post for reference,


https://pdn.pega.com/community/pega-product-support/question/does-pega-password-policy-security-policy-applicable
Share this page Share via LinkedIn Copying...
Copied!