Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

4
Replies
6310
Views
Sudipta Biswas Member since 2018 13 posts
Tech Mahindra Ltd
Posted: Jul 27, 2016
Last activity: Jul 28, 2016
Closed

PRPC:Unauthenticated access group question

We are trying to customize the out of the box logoff behaviour for our application where once user selects log-off , the browser window will automaticlly close. The out of the box behaviour after logging off is

1. User will see the log off screen

2. Redirected to log in screen

For our change we have modified the out of the box Code-Security.EndSession activity in our ruleset version and added one step to close the browser window. While debugging using tracer we found that once the user hits the logoff link, it was calling the out of the box EndSession activity(not the customized one). Once we have updated the  PRPC:Unauthenticated access group and added our own application rule inside it, the new EndSession activity rule is getting picked up. 

I would like to know:

1. How the PRPC:Unauthenticated access group is being used by the user at the time of log off. The test user id is pointing to our own application specicfic access group.

2. How can we change the above behaviour as I don't want to change the PRPC:Unauthenticated access group. I would like to create a new  unauthenticated access group and let the user to use that at the time of logging off.

***Updated by moderator: Lochan to add Category***

To see attachments, please log in.
Security

Posted: 8 years ago

To achieve your functionality :'user selects log-off , the browser window will automaticlly close. ' please use this OOTB HTML fragment -  UserWorkForm to automatically close window after the user logs off from Pega. 

<script type="text/javascript"> function closeWindow() { setTimeout(function() { window.close(); }, 3000); } window.onload = closeWindow(); </script>

You can use this HTML fragment to do a lot of other browser behaviour modifications like disabling back buttons etc. But remember the behaviour may be restricted only IE browser only.

To answer your point # 1: there is no relation with the log off and the prpc:unauthenticated ag. since this ag is configured to work in sync with the authentication service only. By default the access role provided to this AG is prpc:guest; hence this user will not be able to do almost anything (execute sql statements,service calls etc.) - dont confuse this ag and with the application ag; the unauthenticated ag is only required for the process of authentication where the rules should belong to the enterprise layer and should never have access to the application specific code.

To your point # 2 you should create an application specific unauthenticated access group which you can manipulate as per your requirement; as many application requirements need some kind of changes/modifications during the login process itself.

To see attachments, please log in.
Posted: 8 years ago

Hi Subhadip,

 Thanks for your clarifications. Can you please mention the place where should I reffer the new unathanticated ag? I was doing some reading and it seems that I will have to modify the Pega:Browser requestor type instace. is it the correct place to change the access group?

To see attachments, please log in.
Posted: 8 years ago
Modify the prpc:browser requestor. Do the changes directly in the environment where you are trying to achieve this. DO NOT import this rule to higher or consequent environments. The results could be pretty nasty. Thanks
To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice