Question
MBAFC
CN
Last activity: 19 Jun 2024 1:48 EDT
Question about best practice on basic access control
We plan to upgrade CustomerServiceForFS 8.2.8 to CustomerServiceForFS 8.23.1 or later.
Currently we facing the issue 403 which result by the new feature basic access control.
Our plan is to update our code to mitigate the 403 issue. However there are some security event SECU0019 were found in the security event log which result by the Pega OOTB rules.
For example:
Issue 1: which was resulted by the rule webwb • Pega_interaction_commonUtil • js. And this rule is a final version created by Pega.
https://support.pega.com/system/files/attachments/question/2024-06/BAC%20Issue%201.PNG
Unauthorized request detected : Unregistered request encountered with params pyActivity:pzRunActionWrapper pySubAction:runAct pzActivity:PegaCA-Work-Interaction.PopulateHarnessPage e
Issue 2: similar as issue 1 which was captured the error when use the scenario test record. This issue also result by the OOTB rule and that is a final rule.
https://support.pega.com/system/files/attachments/question/2024-06/BAC%20Issue%202.PNG
Unregistered request encountered with params pyActivity:pzRunActionWrapper pySubAction:runAct pzActivity:pxCreateFunctionalTestCaseStep eventSrcSection:Rule-Test-Functional-Case.pxAutomationRecorderFooter*
If we want to enable the new BAC feature, what we should do to resolve the issue caused by the Pega OOTB rule.
Thanks,
We plan to upgrade CustomerServiceForFS 8.2.8 to CustomerServiceForFS 8.23.1 or later.
Currently we facing the issue 403 which result by the new feature basic access control.
Our plan is to update our code to mitigate the 403 issue. However there are some security event SECU0019 were found in the security event log which result by the Pega OOTB rules.
For example:
Issue 1: which was resulted by the rule webwb • Pega_interaction_commonUtil • js. And this rule is a final version created by Pega.
https://support.pega.com/system/files/attachments/question/2024-06/BAC%20Issue%201.PNG
Unauthorized request detected : Unregistered request encountered with params pyActivity:pzRunActionWrapper pySubAction:runAct pzActivity:PegaCA-Work-Interaction.PopulateHarnessPage e
Issue 2: similar as issue 1 which was captured the error when use the scenario test record. This issue also result by the OOTB rule and that is a final rule.
https://support.pega.com/system/files/attachments/question/2024-06/BAC%20Issue%202.PNG
Unregistered request encountered with params pyActivity:pzRunActionWrapper pySubAction:runAct pzActivity:pxCreateFunctionalTestCaseStep eventSrcSection:Rule-Test-Functional-Case.pxAutomationRecorderFooter*
If we want to enable the new BAC feature, what we should do to resolve the issue caused by the Pega OOTB rule.
Thanks,
Accepted Solution
Updated: 19 Jun 2024 1:48 EDT
Pegasystems Inc.
IN
For issue 1: In customer service framework all registration codes will be added in CPMInteractionHeader in a hidden text input actions tab. As part of the registration OOTB rule includes registration for "PopulateHarnessPage". If not present can explicitly added registration in the same way.
Thank you.
Updated: 19 Jun 2024 1:48 EDT
Pegasystems Inc.
IN
@Shipeng_Tian For issue 2:
There is a run script present in navigation rule pyAutomationRecorderNav . When we expand Case type label we have second run script action calling "pega.ui.automation.recorder.stepbuilder.createCaseStep" function. This is causing the BAC error/.To overcome the issue enable checkbox "Register OOTB actions used in script for URL tamper proofing" below run script and add action"Run activity".Provide the activity and parameter values dynamically to register the activity.
Thank you.
MBAFC
CN