Requestor type BROWSER, how to add custom authentication code (Prpc 7.1.9)
The installation of Pega Web Mashup (IAC) for a composite application requires an authentication service to be configured, so that the customer's portal can embed Pega as a gadget without requiring that the user re-authenticate when they open and use the Pega gadget. For more details, see article https://pdn.pega.com/configuring-pega-web-mashup-authentication-composite-application
To do this, the developer must create an Authentication Service (Org & Security -> Authentication -> Create Authentication Service), and here the developer provides an Authentication Activity. PRPC comes with an example activity called Code-Security . IACAuthentication. This activity can be saved into a custom ruleset and then modified for the authentication needed, as required.
However, for your custom authentication activity to be usable it must be callable it must be accessible from the BROWSER requestor type for an unauthenticated user. To do this, open the BROWSER requestor Type from 'Records->SysAdmin->Requestor Type', and you will see that it uses Access group 'PRPC:Unauthenticated'. Open this access group, and you will see it is built on Application 'PegaRULES:07.10'.
Problem:
The installation of Pega Web Mashup (IAC) for a composite application requires an authentication service to be configured, so that the customer's portal can embed Pega as a gadget without requiring that the user re-authenticate when they open and use the Pega gadget. For more details, see article https://pdn.pega.com/configuring-pega-web-mashup-authentication-composite-application
To do this, the developer must create an Authentication Service (Org & Security -> Authentication -> Create Authentication Service), and here the developer provides an Authentication Activity. PRPC comes with an example activity called Code-Security . IACAuthentication. This activity can be saved into a custom ruleset and then modified for the authentication needed, as required.
However, for your custom authentication activity to be usable it must be callable it must be accessible from the BROWSER requestor type for an unauthenticated user. To do this, open the BROWSER requestor Type from 'Records->SysAdmin->Requestor Type', and you will see that it uses Access group 'PRPC:Unauthenticated'. Open this access group, and you will see it is built on Application 'PegaRULES:07.10'.
Problem:
- We cannot edit the BROWSER requestor type to use a different access group, we just get the error message "You are not authorized to create, modify, or lock instance DATA-ADMIN-REQUESTOR PRPC!BROWSER'.
- We cannot edit the PRPC:Unauthenticated access group to use a different application or to include a new production ruleset, we just get the error "You are not authorized to create, modify, or lock instance DATA-ADMIN-OPERATOR-ACCESSGROUP PRPC!UNAUTHENTICATED".
- We cannot edit the application PegaRULES:07.10 to add a new ruleset, we just get the error "Supply password to update: Incorrect password specified" (we have tried all the obvious passwords, install, rules, etc).
So, how to modify a rule for the BROWSER requestor type to be able to run, by an unauthenticated user?