Back Forward Authentication Service form
Completing the Custom tab

About Authentication Services data instances

Complete the Custom tab to specify how credential challenges and timeouts are managed.

Field

Description

Secure Authentication  
Use SSL

Select to require that users be authenticated through a Secure Sockets Layer secure port: that is, they must use an HTTPS URL for authentication. If selected, verify that the application server hosting Process Commander uses HTTPS and that a URL is configured with the appropriate security constraints.

Initial challenge stream

SmartPrompt (Optional) Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) to run if a user navigates to Process Commander through a non-HTTPS URL. Design the page rendered by this HTML rule to redirect the user to an HTTPS URL where the user is challenged for credentials by the option specified in the next section.

See the standard HTML rule Web-Login-SecuredBasic for an example. By default, this rule runs when all of the following are true:

  • The Use SSL option is selected
  • An unauthenticated user navigates to Process Commander through an unsecured port
  • No rule is specified in the Initial Challenge Stream field.
Challenge Options  
Use Basic Authentication for sign on

Select to instruct Process Commander to use the Basic Authentication browser pop-up window to gather user credentials.

Credential challenge stream

Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the log-in form that gathers user credentials.

Timeout Options  
Use PegaRULES Timeout

Select to cause Process Commander to use the authentication timeout value specified in the user access groups to determine how long a user's session can remain inactive before users are prompted to identify themselves again. Leave this option cleared if timeout is managed by the application server or other facility external to Process Commander.

Use Basic Authentication for timeout

Select to instruct Process Commander to use the Basic Authentication browser pop-up window to gather credentials when a user's session times out.

Timeout Challenge Stream

Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that presents a form for gathering user credentials when the user's session times out.

Redirect URL

Optional. Enter a URL. Process Commander redirects the user to the URL specified in this field when the user's session times out. This field is not available when the Use PegaRULES Timeout option is selected.

Other  
Authentication fail stream

SmartPromptOptional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the page that appears when a user's username/password combination does not pass authentication. (Commonly, one HTML rule is used for both the challenge stream and the fail stream.)

Source of Operator Credentials

Specifies whether only those users whose operator ID records have the External option selected are allowed access through this authentication service or whether only those users whose operator ID records do not have the External option selected are allowed access through this authentication service.

zzz About Authentication Service data instances