Question
Instellars
IN
Last activity: 10 Jan 2018 21:59 EST
Pega Mashup Security
Dear Team,
We have the following security requirements related to pega mashup. Kindly advise.
1. Separate different URL for Pega mashup - Our pega app server's are in Intranet zone and pega mashup gadget will be embedded in the website which is internet. How do we expose this separate URL using proxy servers ?
2. Session Management and Session time out configs - How do we manage web session (website) and Pega session created using mashup gadget ?
3. Authentication : How do we authenticate the external user from Pega. This user is not a LDAP user or not an operator ID exist in Pega.
4. Pass the Params from Mashup : We need to pass parameters like Member ID etc to create the case in Pega or pull the worklist based on this Member ID. How do we encrypt this Member ID and send to Pega and decrypt at pega side to create a case/pull a case. (Need to be encrypted, as Member ID should not be visible in the HTML source)
5. External user would be attaching a files or creating a case by filling the sensitive data. How do we encrypt and send this information or in other words how do we encrypt for both Inward and outward data ?
Thanks,
Manju