Skip to main content
Contact a Moderator

Question

5
Replies
644
Views
 JC Romero (JC_Romero)
Hoverstate
Lead System Architect
Hoverstate
US
JC_Romero Member since 2012 14 posts
Hoverstate
Posted: May 29, 2020
Last activity: June 1, 2020
Posted: 29 May 2020 13:38 EDT
Last activity: 1 Jun 2020 11:08 EDT
Closed
Solved

Trace SSO/SAML authentication service and authentication activity

Hey everyone,

we are working on Pega Platform 8.3.3, we have set up a Auth Service, seems to be working fine, but we need to manipulate the user to be set as a model operator. 

I have tried to trace the unauthenticated requestor, but I can't see any of the rules specified in the auth service.

I have created an unauth AG for the unauth requestors, and set the rules in that ruleset.

Wondering if I am missing something, I'll appreciate your help.

 

Thanks,

***Edited by Moderator: Pallavi to change category from General to Product***

Pega Platform 8.3.3 System Administration Lead System Architect
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 1 year ago
Posted: 29 May 2020 15:29 EDT
Angel Hermira (AngelHermira)
PEGA
Product Manager, Robotics
Pegasystems Inc.
GB

Hi,

How the model operator is used is determined by the authentication service that you are using. Which type of authentication service are did you create?.

There are two possible behaviours:

  a) The model operator is determined by the Unit (Org-Div-Unit) you are logging it to. 

  b) The model is one of the parameters you receive

Regards,

Angel
Posted: 1 year ago
Posted: 29 May 2020 16:04 EDT
JC Romero (JC_Romero)
Hoverstate
Lead System Architect
Hoverstate
US

Hey Angel,

 

thanks for the quick response, I am currently using a DP to set the operator, please see attachment.

So I am getting a group attribute in the D_SAMLAssertionDataPage, the requirement is to based on those groups I need to add Access groups to the operator. 

 

Thanks in advance!

 

 
Posted: 1 year ago
Posted: 1 Jun 2020 7:28 EDT
Angel Hermira (AngelHermira)
PEGA
Product Manager, Robotics
Pegasystems Inc.
GB

Hi,

Without knowing more details of your current issue it is difficult to provide more accurate help, but you seem to be on the right track.

The D_SAMLAssertionDataPage provides you with all the data in the SAML response payload. If you can see the groups there it's a question of setting these in the operator. The challenge you may have is that you may need to provide logic in the Data Page you're using to determine which model operator to load based on the groups received. You could also use a data transform what would provide you more control over the groups and properties to set and you could also use the data page from there.

Do you have a specific error or something that it is not working for you?

Thanks,

Angel

Accepted Solution

Posted: 1 year ago
Updated: 1 year ago
Posted: 1 Jun 2020 11:07 EDT
Updated: 1 Jun 2020 11:08 EDT
JC Romero (JC_Romero)
Hoverstate
Lead System Architect
Hoverstate
US

Thank you both, the issue I had was trying to trace post activity and also the Data Page that sets the name of the Model Operator. I went and made all the changes in the post authentication activity to remove and add the access groups I needed and all worked.

Tracing the whole thing would have helped me a lot more but it worked.

 

Thanks!

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice