Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

1
Replies
88
Views
GeorgeJ6156 Member since 2016 20 posts
JP Morgan Chase
Posted: Jan 29, 2020
Last activity: Jan 29, 2020
Closed

How operator settings are modified via WEBLDAP

Hi Team,

I was going through the Data-Admin-AuthService and trying to set up LDAP authentication. Inside the authentication activity (let's use the OOTB AuthenticationLDAPWeb) ,there is a logic to set the Operator page. But at the end of the activity this page is removed and there is no Obj-Save. So how the user settings obtained from LDAP are persisted without and explicit Obj-Save.I am interested to know the logic behind this.

To see attachments, please log in.
Security

Posted: 5 years ago

I'm not an expert here, but from what I understand - when you are using "external authentication", the details of the operator are not persisted in Pega. The flow is such that for each login, the authentication is verified by LDAP and access is granted based on the response. 

For example, if operator A logs in on Monday with a certain password and then logs in again on Tuesday after they've updated their password - this is unknown to Pega. In other words, the password is not validated against anything that has been persisted in Pega and the change goes "undetected".

This would explain why you're not seeing the Obj-Save being done. I will follow up on this after consulting with SME.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice