Question
IAC authentication for external application using .NET Forms Authentication
Hi all,
I'm working on a project to expose Pega gadget to an internet facing ASP.NET application.
About .NET application:
Internet facing
Uses ASP.NET Forms authentication
Stores user id and password in internal sql database in encrypted format.
How to handle the authentication mechanism for this use case? There is no central data store to verify credentials. Auth cookies generated by ASP.NET are not useful to verify authentication in Pega. The only way I can think of is sharing user name/password in a secure way between .NET, Pega applications and verify them against internal sql data store.
Any other thoughts?
Also, what's the best platform independent way to encrypt/decrypt username/password for transmitting over http ? Of course, it will be over https and POST.
Thanks!
Were you able to generate Pega gadget?
Once you generate Pega gadget file you will find <div> tag for your pega gadget and there you may find/define the below attribute.
PegaA_params={UserIdentifier:"<PRPC_USER>",Password:"<PASSWORD>"}
where <PRPC_USER> and <PASSWORD> can be replaced with the values returned from the URL parameters which looks something like this http://localhost:8080/prweb/PRServlet?UserIdentifier=User1&ClientID=ABC/IAC/ZcKhA-nN3v-qJFMkJyYs1w%5B%5B*/!STANDARD?