Identifying the custom controls to configure
Pega Platform protects access to information in your application by using role-based settings and access control policies. Pega Platform provides additional request verification when you use autogenerated controls. When your application supports access checking and includes non-autogenerated controls, you need to identify and fix the controls.
Perform one or more of the following steps to identify the rules to be configured:
- Scan the security alert log for the message "Unregistered request encountered," and then configure the rule that is identified in the message.
- Review the attached list of Pega Platform rules that have been configured in the Pega rulesets. If your application overrides any of these rules, configure the custom rules.
- Use the attached branch ruleset to find sections and navigation rules that invoke
the Run Script action. To use the branch ruleset, complete
the following steps.
- In Dev Studio, import the attached archive file. The archive
defines rules in the
- Add the
FindRunScriptbranch to your application definition, and save the application.
- Run the activity pzPopulateRulesWithActions, and check
the box to exclude Pega internal rulesets. This activity outputs a
RuleList_RunScript.xlsx, which contains a list of rules that you need to examine and configure.
- In Dev Studio, import the attached archive file. The archive defines rules in the
For information on how to configure the rules, see Verifying requests when using custom controls.