Question

1
Replies
231
Views
LiL95470 Member since 2015 14 posts
W&W
Posted: January 22, 2018
Last activity: January 23, 2018
Closed

Verify the SAML token as Service Provider

We have a SOAP Webservice exposed on our Pega Environment, and this service must be protected by SAML. It means, the Service consumer must provider a valid SAML token.

Both Service Provider and Service Consumer are running on Pega Environment. We could send a SOAP request with a saml token, but how could the saml token be verified by service provider.

The service provider was configured as following,a ws-security profile was created,on inflow tab a SAML was added, see the screenshot below. on Keystore tab a keystore file (public key) was also uploaded. There is a keypair, the service consumer uses the private key to generation its saml token. I guess, as service provider, we need to upload the public key here. But i am not sure.

Then i have created a SOAP connector, but i got a security error, service falied.

Could someone please help me to configure it? do i need another URL to talk with the webservice that i exposed? now i test it only with the ordinary url:prweb/PRServlet/

We use pega 7.22, the prpc was deployed on Websphere application server.

***Updated by moderator: Lochan to add Categories***

Data Integration Low-Code App Development Installation and Deployment
Moderation Team has archived post
Share this page LinkedIn