Question
Where can I find the PRServlet's standard authentication process related rules?
Hi,
We have two Pega URLs for:
1. LDAP authentication (PRWebLDAP1)
2. Standard authentication (PRServlet)
Some operators have check on "Use external authentication" on operator ID and they need to use LDAP URL. Other operators have no check on "Use external authentication" and they use standard PRServlet. We are considering if we can merge the URL into one so operators do not have to switch URL. So requirement is, after user logs in, if the check box is on, run Code-Security.AuthenticateLDAP (out-of-the-box activity) otherwise run standard matching process (check if entered password is the same as the one in PRPC database (PR_OPERATOR table's password). If there is any out-of-the-box process API to match credentials in Pega database, I can call it in the AuthenticationLDAP activity using conditioning. Where can I find one?
Thanks,
Hi Adithya,
1. My intent was, I don't need to use two Servlets. I only use PRCustom for LDAP and this is the default. In this authentication, PRPC runs authentication service which triggers an activity where I can build any authentication logic. So, before this actual authentication logic is reached, I can also check if operator has "Use external operator authentication" checkbox on or not. If it is off, run all authentication rules that are used in Standard log in. Is that feasible?
2. I traced but I am unable to find any authentication related rules. To me, Tracer seems to be tracing all rules after authentication. Is that so? Or can you please tell me which exact rules are for standard authentication?
Thanks,
Hi,
I am not sure if that is feasible as the starting point seems to be from background engine code.
Someone from Product Engineering team may be able to answer this.
Thank you,
Adithya
Hi,
It is not possible to use same url or same servlet to trigger different authentication mechanisms based on the checkbox(Use external authentication) configured in the operator rule as different authentication mechanisms will trigger based on the servlet url pattern and as part of each authentication mechanism, the operator rule is checked to know whether operator is configured for external or Pega basic authentication after one of the mechanism is selected based on servlet url pattern.
You can trace the requestor corresponding to login page( when you are in login page) to check what are all the rules it executes during login.
Thank you,
Adithya