We are trying to capture the users unique identifier so that we can log the user into the application as the X509 certificate's unique ID (ten digit number).
We have configured Tomcat with a secure key store and trust store where the system prompts for the user's certificate and PIN. The browser passes the attributes to the application in the HTTPHeaderRequest; however, I cannot get the Pega code to read the http header request object.We have the following java code in our authentication activity (called from /PRWebLDAP1).
The output from the code below is the following:
Request is not null
Request = com.pega.pegarules.priv.authentication.RequestFacade@4fc53f6a
ERROR: Calling x509 certificate ... Attributes not available in the ETier
It appears to bomb on "request.getRemoteUser()". How can I get information from the request object?
At the web tier level we populate this class with contents from the actual HttpServletRequest object and some content is simply not added, including attributes. The methods for request attributes are defined in RequestFacade but they throw exception as not implemented.
That is why you get the "Attributes not available in the ETier" error.
3. I am able to grab the user credentials (lastname.firstname.mi.1234567890) from the /abssConnect url (b/c it reads from getAttributes); however, I cannot get the user credentials from the /prweb/PRWebLDAP1/ url
Does pega store the recorded CAC CN anywhere during the authentication process?