Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Marc de Boer (Marcd559)
KPN

KPN
NL
Marcd559 Member since 2015 5 posts
KPN
Posted: Feb 21, 2018
Last activity: Mar 7, 2018
Posted: 21 Feb 2018 8:26 EST
Last activity: 7 Mar 2018 4:53 EST
Closed
Solved

Provide Pega Portal without login

Hi,

We have build a portal in Pega which is available to all users in the organisation. In order to avoid logging in each time the portal is used, we have added a 'quest' account in Pega and provided an url to all users that contains the credentials to login. For instance:

https://l3-cm-pega.web.gen.local/prweb/DqaNi29zaQQ0_Rd-qumFVKNd5DvCmtxw*/!STANDARD?UserIdentifier=quest&Password=Z3Vlc3Q=

Now this works perfectly. However our security department does not like these credentials within the url. So is there another way to provide a portal to users where they do not need to login, and that does not have credentials in an url?

Thanks, Marc

To see attachments, please log in.
Security
User Experience

Accepted Solution

Posted: 8 years ago
Posted: 21 Feb 2018 11:23 EST
Mohammad Asif Hasan (Mohammad_Asif_Hasan)
EPAM Systems, Inc.
Mohammad Asif Hasan
EPAM Systems, Inc.
ES

Hi Marc,

Thanks for posting on PSC.

As you want the portal to be unauthenticated and application should be made available to all the user within your internal network.

I would agree with the previous suggestion of implementing SSO as it will address security problem as well.

Refer below links for implementation details:-

https://docs-previous.pega.com/web-single-sign-sso-saml-20 (Please refer links in the left side panel as well)

https://collaborate.pega.com/question/how-implement-single-sign-prpc-722-pega-personal-edition

https://pdn.pega.com/community/pega-product-support/question/sso-implementation-pega7

https://docs-previous.pega.com/single-sign

I am not sure, how much IAC would be beneficial in your use-case.

Though I would try to research more, your initial issue of skipping authentication or passing alternatively username/password.

Hope it helps you in your implementation. Kindly notify if it does by marking this post as answered/helpful.

Regards,

Asif 

To see attachments, please log in.
Posted: 8 years ago
Posted: 21 Feb 2018 8:52 EST
DIBYAKANTI MODAK (DIBYAKANTIM)
Publicis Sapient

Publicis Sapient
IN

You can try with SSO or IAC concept. Search on pdn to get details of it

To see attachments, please log in.

Accepted Solution

Posted: 8 years ago
Posted: 21 Feb 2018 11:23 EST
Mohammad Asif Hasan (Mohammad_Asif_Hasan)
EPAM Systems, Inc.
Mohammad Asif Hasan
EPAM Systems, Inc.
ES

Hi Marc,

Thanks for posting on PSC.

As you want the portal to be unauthenticated and application should be made available to all the user within your internal network.

I would agree with the previous suggestion of implementing SSO as it will address security problem as well.

Refer below links for implementation details:-

https://docs-previous.pega.com/web-single-sign-sso-saml-20 (Please refer links in the left side panel as well)

https://collaborate.pega.com/question/how-implement-single-sign-prpc-722-pega-personal-edition

https://pdn.pega.com/community/pega-product-support/question/sso-implementation-pega7

https://docs-previous.pega.com/single-sign

I am not sure, how much IAC would be beneficial in your use-case.

Though I would try to research more, your initial issue of skipping authentication or passing alternatively username/password.

Hope it helps you in your implementation. Kindly notify if it does by marking this post as answered/helpful.

Regards,

Asif 

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice