Close popover

Table of Contents

Application URL patterns for various authentication service types

Version:

Authentication services other than Custom and Kerberos use the PRAuth servlet by default. However, for backward compatibility with earlier versions of Pega Platform, you can authenticate by explicitly specifying PRServlet in the application URL instead of PRAuth, or by removing the servlet name.

Web logins are in the format https:// <hostname> : <port> / <context> / <servlet name> . The following table shows the context and servlet portions of the URL for various authentication service types, for various releases of Pega Platform.

Authentication type URL pattern for 8.2 and later URL pattern prior to 8.2
Authentication service selection screen (if more than one service exists), or default authentication (if only Platform Authentication service exists) /prweb/PRAuth (8.1 and later) Not available prior to 8.1
Default platform authentication See listing for Basic credentials service type /prweb or /prweb/PRServlet
Basic credentials and Anonymous authentication services /prweb/PRAuth/pega Not available
OpenID Connect and SAML 2.0 authentication services /prweb/PRAuth/<service alias> /prweb/PRAuth/<service alias> or for SAML in 7.x, /prweb/sso*
Custom authentication service /prweb/<as configured in web.xml> /prweb/<as configured in web.xml>
Kerberos authentication service /prweb/PRWebKerberos (The default servlet name can be replaced with a different servlet name.) /prweb/PRWebKerberos (The default servlet name can be replaced with a different servlet name.)
Container-based authentication /prweb/PRServletContainerAuth (The default servlet name can be replaced with a different servlet name.) /prweb/PRServletContainerAuth (The default servlet name can be replaced with a different servlet name.)

Customizing the PRAuth servlet name

To customize the PRAuth servlet name that appears in the authentication URL, add code similar to the following example to your web.xml file. Do not remove the existing PRAuth mapping.<servlet-mapping> <servlet-name>PRAuth</servlet-name> <url-pattern>/PRAuth</url-pattern> </servlet-mapping>

If you customize the PRAuth servlet name that appears in the authentication URL, you will need to create a dynamic system setting. The authorization code flow always uses PegaAuthentication type, therefore modifying the URL pattern means you must manually change the activity.

You will need to create a dynamic system setting with the following attributes:

Purpose - pegaauthentication/servletnname.

RulesetPega-IntegrationEngine.

Value - By default, this value should be PRAuth.

For more information, see Creating a dynamic system setting.
If you modify the URL pattern for PegaAuthentication then you can update the dynamic system setting.

If you configure the PRAuth as the default servlet, then when you configure the dynamic system setting Value should be blank.

  • Authentication services

    To override or extend the default authentication process, create and configure an authentication service.

  • Adding an application URL alias

    An application URL alias is appended to the URL of your application, allowing you to customize the URL. When you add an application URL alias, be sure to share that with application users.

Suggest Edit

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.