Question

3
Replies
1088
Views
bisse766 Member since 2014 5 posts
Swedish Unemployment Funds
Posted: 4 years ago
Last activity: 4 years 6 months ago
Closed
Solved

Pega 7.2 Web service with authentication - possible to use non-preemptive authentication?

Hi,

I have set up pega web services that is going to be consumed from Biztalk 2013. I use basic authentication with a custom authentication service, using basic authentication for signon. The services work, and the authentication works when I use preemptive authentication (sending username / pasword in the header) in the request.

Apparently Biztalk don't support this out of the box, it sounds like they are expecting a 401 in return and then they will provide the auth info in the header in the second request.

What I have understand it is that there is an ER logged but has not been implemented in Pega:

PRPC services protected by Basic authentication doesn’t follow the HTTP spec (see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2), which mandates application to send WWW-Authenticate header along with 401 status code. Wrong behavior of PRPC service forces the service clients to use preemptive authentication.

Has anyone here had similar problems? Did you solve it (on the Pega-side of the integration) ?

Thanks

Henrik

Pega Customer Service Data Integration Security
Moderation Team has archived post
Share this page LinkedIn