Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Ravi Ramineni (RaviR054)
ConEdison

ConEdison
US
RaviR054 Member since 2016 15 posts
ConEdison
Posted: May 18, 2016
Last activity: Jun 23, 2016
Posted: 18 May 2016 9:44 EDT
Last activity: 23 Jun 2016 15:44 EDT
Closed

IAC authentication for external application using .NET Forms Authentication

Hi all,

I'm working on a project to expose Pega gadget to an internet facing ASP.NET application.

About .NET application:

Internet facing

Uses ASP.NET Forms authentication

Stores user id and password in internal sql database in encrypted format.

How to handle the authentication mechanism for this use case? There is no central data store to verify credentials. Auth cookies generated by ASP.NET are not useful to verify authentication in Pega. The only way I can think of is sharing user name/password in a secure way between .NET, Pega applications and  verify them against internal sql data store.

Any other thoughts?

Also, what's the best  platform independent way to encrypt/decrypt username/password for transmitting over http ? Of course, it will be over https and POST.

Thanks!

To see attachments, please log in.
Data Integration
Security

Posted: 8 years ago
Posted: 26 May 2016 9:24 EDT
Habeeb Baig (BaigHabeeb)
Virtusa IT Consulting
Lead Decisioning Architect
Virtusa IT Consulting
AE

Were you able to generate Pega gadget?

Once you generate Pega gadget file you will find <div> tag for your pega gadget and there you may find/define the below attribute.

PegaA_params={UserIdentifier:"<PRPC_USER>",Password:"<PASSWORD>"}

where <PRPC_USER> and <PASSWORD> can be replaced with the values returned from the URL parameters which looks something like this http://localhost:8080/prweb/PRServlet?UserIdentifier=User1&ClientID=ABC/IAC/ZcKhA-nN3v-qJFMkJyYs1w%5B%5B*/!STANDARD?

To see attachments, please log in.
Posted: 8 years ago
Posted: 26 May 2016 9:28 EDT
Habeeb Baig (BaigHabeeb)
Virtusa IT Consulting
Lead Decisioning Architect
Virtusa IT Consulting
AE

Also for your other question,

what's the best  platform independent way to encrypt/decrypt username/password for transmitting over http ?

Gateway configuration console is the platform where you provide username and password which will later be shown in encrypted format.

To see attachments, please log in.
Posted: 8 years ago
Posted: 22 Jun 2016 13:11 EDT
Ravi Ramineni (RaviR054)
ConEdison

ConEdison
US

How would you form the link?

It's the user authentication mechanism I'm asking about. I didn't really get why gateway console is in picture for this question. while gateway is part of the configuration, my question is about how would you transmit user credentials securely between legacy applications and Pega gadget.

Are you referring to openWorkByURL method?

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice