Question
Rabobank
AU
Last activity: 8 Aug 2022 15:34 EDT
Rule security mode warn is not generating warn messages for unauthenticated access group
Hi Team,
In Pega 8.6.3 application, we have an unauthenticated access group with a <org>:Guest role, which is dependent on PegaRULES:Guest role. We created <org>:RSM_Guest role to capture implicit privileges and then enabled Rule security mode on unauthenticated access group to Warn.
The steps mentioned in the below article were implemented.
As PegaRULES:Guest role is assigned and required implicit privileges are given with this role, user is successfully authenticated and able to login, without logging any warn messages in the log file (as implicit privileges are already given with PegaRULES:Guest role).
If we remove PegaRULES:Guest role access is denied and errors were logged in the log file. As we enabled warn for unauthenticated access group, when PegaRULES:Guest role is removed, expectation is user authentication should be allowed and warn messages are logged on the log file to generate implicit privileges.
Warn messages were logged successfully for authenticated access groups. However, for unauthenticated access group it is not logging warn messages if PegaRULES:Guest role is given and it is restricting access if we remove that role. In either approach we are not able to capture warn messages in the logs.
We have only 1 webuser node.
Hi Team,
In Pega 8.6.3 application, we have an unauthenticated access group with a <org>:Guest role, which is dependent on PegaRULES:Guest role. We created <org>:RSM_Guest role to capture implicit privileges and then enabled Rule security mode on unauthenticated access group to Warn.
The steps mentioned in the below article were implemented.
As PegaRULES:Guest role is assigned and required implicit privileges are given with this role, user is successfully authenticated and able to login, without logging any warn messages in the log file (as implicit privileges are already given with PegaRULES:Guest role).
If we remove PegaRULES:Guest role access is denied and errors were logged in the log file. As we enabled warn for unauthenticated access group, when PegaRULES:Guest role is removed, expectation is user authentication should be allowed and warn messages are logged on the log file to generate implicit privileges.
Warn messages were logged successfully for authenticated access groups. However, for unauthenticated access group it is not logging warn messages if PegaRULES:Guest role is given and it is restricting access if we remove that role. In either approach we are not able to capture warn messages in the logs.
We have only 1 webuser node.
Should we have any additional configuration to capture warn messages for unauthenticated access group ?
Thank you