shruti mishra (ShrutiM0986)

ShrutiM0986 Member since 2016 7 posts
Posted: May 23, 2017
Last activity: June 24, 2017
Posted: 23 May 2017 14:33 EDT
Last activity: 24 Jun 2017 18:51 EDT

Windows login with no Authentication

Problem statement - User logs in through usual windows authentication. Opens an IE session and then enters a URL(could be saved in favorites) - say http://XX-sr-pega01:root/prweb/TestSSO and wishes to be logged in directly. They do not want to enter any ID/password. They wish to use their windows ID as the pega operator ID.

I don't want any kind of authentication. Neither LDAP/SAML/Third party

So I created a Auth Sevice with Authentication Activity say "SSOSampleAuthActivity". In this Activity I am doing a page-new of Data-Admin-Operator-ID. Setting pyUserName (hardcoding to test),pyAccessGroup,pyOrganization,pyOrgDivision,pyOrgUnit.

And next I am calling below function to validate through java step. Below code is used in default LDAP pega activity to authenticate user.

PRAuthentication auth = pega.getAuthenticationHandle();
ClipboardPage operPage = tools.findPage("OperPage");

if (!auth.setUserSecurityProfile(pega, tools.getParamValue("UserIdentifier"), operPage)) {
String errorMsg = "Failed to set security profile for " + UserIdentifier + ": ";
ClipboardPage errorPage = tools.findPage("LoginError");
if (errorPage!=null) {
errorMsg += errorPage.getString("pxErrorMessage");

I am getting PRSecurityException: Invalid request error on this java step.

Does anybody know if I can bypass password entry to log in to pega? Has anybody implemented something like this?

***Moderator Edit: Vidyaranjan | Updated Categories***

Low-Code App Development Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.