LinkedIn
Copied!

Table of Contents

Defining processing and authentication for service packages

Version:

Only available versions of this content are shown in the dropdown

Complete the Context tab to indicate whether stateful or stateless processing applies to this package, and to identify an access group for listeners and requestors.

  1. From the Processing mode list, select the processing method for the services included in the service package: if the services in this package can be run by any requestor in a pool of requestors, without regard to processing that the requestor performed earlier.

    • If the services in this package can be run by any requestor in a pool of requestors, without regard to processing that the requestor performed earlier, select Stateless.

      Select Stateless to perform a simple calculation from inputs. The service request arrives, your activity performs a calculation, and then sends the response.

    • To maintain a clipboard across second and subsequent service requests, select Stateful.
    Choose this value carefully. Using requestor session pooling might improve performance if a high volume of uniform requests arrive, even when authentication is required.
  2. In the Service access group field, enter the access group for the service package.

    This access group is used during rule resolution to find the correct service rule at run time.

    For more information, see Service package access group.

  3. If the service request requires authentication, select Requires authentication.

    When you select this option, the system expects Pega Platform operator ID and password values in the arriving request message.

    For more information about where to configure the password for authentication, see Service package access group.

  4. From the Authentication type list, select the type of authentication to use.

    • Basic: Select for HTTP-based services such as REST, HTTP, SOAP, and SAP. The system expects Pega Platform operator ID and password values in the arriving request message.
    • OAuth 2.0: Select this option only for REST services for access that uses open authorization.
    • Custom: Select to provide an authentication service.

      If you are using LDAP authentication, select an authentication service (a Data-Admin-AuthService instance) when the service type is SOAP (Rule-Service-SOAP) or HTTP (Rule-Service-HTTP), SAP (Rule-Service-SAP, or REST (Rule-Service-REST).

      Authentication service is required only for custom authentication, including LDAP and SAML 2.0 authentication. You can also use HTTP Basic for user authentication, or, in the case of HTTP Service you can provide the HTTP headers UserIdentifier and Password for user authentication instead of basic authentication.
  5. Complete the following steps for the authentication type you selected in step 4.

    Authentication type Action
    Basic

    If you want to use TLS/SSL for service REST rules that belong to this service package, select Require TLS/SSL for REST services in this package.

    When you select this check box, all invocations of REST services belonging to this service package must use TLS/SSL, which uses the HTTPS protocol. If REST services are invoked by using HTTP, a code 403 status is returned with a warning.
    OAuth 2.0 No further steps are required. See step 6.
    Custom In the Authentication Service field, select an authentication service.
  6. Select Suppress Show-HTML to skip any activity step that calls the Show-HTML method in the service activities that execute through service rules that reference this service package instance.

    By selecting this option, you reuse or share an activity that supports both interactive users and services.
  7. Select Treat REST request without Content-Type as binary data to allow the system to treat the request as binary data if a content type is not provided in the request.

    This option is displayed if you select Rule-Service-REST as the service type in the Methods section.
  8. Click Save.

Make sure that all the services rules you expect are present and accessible before you deploy. For more information, see Viewing methods for a service package.
  • Service package access group

    Learn about the differences between configuring a service package access group for an authenticated user and unauthenticated user. Review the following information so you can decide which configuration applies to your business needs before completing the Context tab of your service package.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.