Skip to main content
LinkedIn
Copied!

Table of Contents

Configuring the challenge behavior for custom or Kerberos authentication services

Version:

Only available versions of this content are shown in the dropdown

Configure the way in which your custom or Kerberos authentication service requests the login credentials.

  1. Open the service from the navigation panel in Dev Studio by clicking Records SysAdmin Authentication Service and choosing a service from the instance list, and then navigate to the Custom tab.

  2. In the Initial challenge stream field, press the Down Arrow key and select the second key part of an HTML rule to run (where the Applies To key part is @baseclass ) if user navigates to your system through a non-HTTPS URL.

    Design the page rendered by this HTML rule to redirect the user to an HTTPS URL where the user is challenged for credentials. See the standard HTML rule Web-Login-SecuredBasic for an example. By default, this rule runs when all of the following are true:
    • The Use SSL option is selected.
    • An unauthenticated user navigates to the system through an unsecured port.
    • No rule is specified in the Initial Challenge Stream field.
  3. To require users to use a secure port (HTTPS) for authentication, select the Use SSL check box .

    If Use SSL is checked, users must use an HTTPS URL for authentication. Verify that the application server that hosts your system uses HTTPS and that a URL is configured with the appropriate security constraints.
  4. Complete one of the following steps.

    • To use the Basic authentication browser pop-up window to gather user credentials, select the Use Basic Authentication for signon check box.
    • In the Credential challenge stream field, press the Down Arrow key and select the second key part of an HTML rule (where the Applies To key part is @baseclass ) that provides the login form that gathers user credentials.
  5. To customize the page that appears when authentication fails, specify an HTML rule in the Authentication fail stream field.

    Enter the second key part of the HTML rule (where the Applies To key part is @baseclass ) that provides the page that appears when a user's username and password combination does not pass authentication.
    Commonly, one HTML rule is used for both the challenge stream and the fail stream.
  6. Click Save.

Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us