Question
Pegasystems Inc.
AU
Last activity: 18 Feb 2016 5:31 EST
NullPointerException while reading header in Custom Authentication for Service Package
We've encountered NullPointerExceptions in a SOAP Service Package using a custom authentication activity that accesses pxHTTPServletRequest.
Tracing the authentication activity through the Service requestor shows this to be empty, which would be expected outside the context of authentication.
The PDN article below, references a Hotfix (HFix-22594) that doesn't appears to have a fixed in version of ML9 in PMF, this in turn references a like HotFix for SOAP (Hfix-20351).
Can someone please confirm what ML HFix-20351 has been ported into, and further given that different Hotfixes were required for REST and SOAP, whether more changes are required or have been made to address other Service Types?
Accepted Solution
Pegasystems Inc.
US
Hi Joel,
The Soap correction is documented as fixed in Pega 7.1.8 and the rest in Pega 7.1.9.
Here is the content from a pending support article sans image. Check that your code matches
Article Content
SUMMARY
Using Pega 7.1.8 and calling PegaAPI for case and data. You would like use a security token in the request header instead of Basic Authorization.
ERROR MESSAGES
Not Applicable
STEPS TO REPRODUCE
Not Applicable
ROOT CAUSE
Not Applicable
RESOLUTION
Modify API Service Package to use Custom Authentication type instead of Basic.
Hi Joel,
The Soap correction is documented as fixed in Pega 7.1.8 and the rest in Pega 7.1.9.
Here is the content from a pending support article sans image. Check that your code matches
Article Content
SUMMARY
Using Pega 7.1.8 and calling PegaAPI for case and data. You would like use a security token in the request header instead of Basic Authorization.
ERROR MESSAGES
Not Applicable
STEPS TO REPRODUCE
Not Applicable
ROOT CAUSE
Not Applicable
RESOLUTION
Modify API Service Package to use Custom Authentication type instead of Basic.
Then write an Authentication Activity for this Custom Authentication Service that retrieves the security token from the request header and does user validation for Authenticating the request for invoking PegaAPI Rest service.
Here is the code that can be used in a java step inside the Authentication Activity for retrieving the token from the request header.
javax.servlet.http.HttpServletRequest request = (javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");
String your_user = request.getHeader("your_token");
tools.putParamValue("your_token ", your_token);
Pegasystems Inc.
AU
Hey Jim,
Thanks for the response, I've now confirmed SOAP and REST in a Personal Edition are working as expected; is there any indication as to how other service types may deal with this?
Hi Joel,
Can you tell me which Version of PRPC did you test it with? I tested it using SOAP Service both in PRPC 7.1.8 and 7.1.9 and in both cases I get an NPE. It seems like I still Need a hot fix.
Cheers,
Piotrek
Pegasystems Inc.
AU
Hey Piotr,
It was 7.1.9 I tested with, I can see if I can drag up how I tested next week.
Cheers,
Joel
Pegasystems Inc.
US
Hi Joel
I'm not sure. Is there another case you have in mind?
Pegasystems Inc.
AU
JMS and MQ are a primary concern at present, I only ask as it appears these required separate Hot Fixes for SOAP and REST so on the surface it would suggest that the fix is service type specific.
Pegasystems Inc.
AU
Hey Jim,
Is there any further info on this, or should I go ahead and raise a 'General Question' SR.
Cheers,
Joel