Problem statement - User logs in through usual Windows authentication. Opens an IE session and then enters a URL (could be saved in favorites) - say http://XX-sr-pega01:root/prweb/TestSSO and wishes to be logged in directly. They do not want to enter any ID/password. They wish to use their Windows ID as the Pega operator ID.
I don't want any kind of authentication. Neither LDAP/SAML/third party.
So I created an Auth Service with Authentication Activity, say "SSOSampleAuthActivity". In this Activity I am doing a page-new of Data-Admin-Operator-ID, setting pyUserName (hardcoding to test), pyAccessGroup, pyOrganization, pyOrgDivision, pyOrgUnit.
And next I am calling the below function to validate through a Java step. The below code is used in the default LDAP Pega activity to authenticate the user.
If you would like to have your users log in with their Windows credentials, then your app server needs to authenticate the users. When the resource request reaches the servlet (PRServletContainerAuth in this case), the user would already be authenticated. You should be able to access the security principal object for the user.
You don't need to write any other activity; you can use the OOTB establishoperator activity for this purpose. But before you do this, ensure that authentication is enabled on your app server end (could be JAAS, Kerberos with LTPA, SPNEGO, etc.).
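
The reply above, as an added example that is not part of the thread and not Pega's own code: a servlet filter that takes the user's identity only from the container-authenticated principal and fails closed when there is none, rather than trusting a hardcoded or client-supplied name. The class name, request attribute name, name-normalization policy and use of the `javax.servlet` API are assumptions.

```java
import java.io.IOException;
import java.security.Principal;
import java.util.Locale;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example (hypothetical class). Assumes the app server has already
// authenticated the caller (e.g. SPNEGO/Kerberos) before this filter runs.
public class ContainerPrincipalFilter implements Filter {

    /** Request attribute a downstream component could read; the name is an assumption. */
    static final String OPERATOR_ATTR = "example.operatorId";

    /** Reduce "DOMAIN\\user" or "user@REALM" to the bare account name, or null if unusable. */
    static String toOperatorId(String principalName) {
        if (principalName == null) return null;
        String name = principalName.trim();
        int slash = name.lastIndexOf('\\');
        if (slash >= 0) name = name.substring(slash + 1);
        int at = name.indexOf('@');
        if (at >= 0) name = name.substring(0, at);
        // Constructed policy: allow only characters expected in an account name.
        if (!name.matches("[A-Za-z0-9._-]{1,64}")) return null;
        // Assumption: operator IDs are matched case-insensitively, so fold to lower case.
        return name.toLowerCase(Locale.ROOT);
    }

    @Override public void init(FilterConfig cfg) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        // Identity comes only from the container, never from a header, cookie or parameter.
        Principal p = http.getUserPrincipal();
        String operatorId = (p == null) ? null : toOperatorId(p.getName());
        if (operatorId == null) {
            // Fail closed: no container-authenticated principal means no session.
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        http.setAttribute(OPERATOR_ATTR, operatorId);
        chain.doFilter(req, res);
    }
}
```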