Authentication Service form
Completing the Custom tab

Field

Description

Select to require that users be authenticated through a Secure Sockets Layer secure port: that is, they must use an HTTPS URL for authentication. If selected, verify that the application server hosting PRPC uses HTTPS and that a URL is configured with the appropriate security constraints.

(Optional) Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) to run if a user navigates to PRPC through a non-HTTPS URL. Design the page rendered by this HTML rule to redirect the user to an HTTPS URL where the user is challenged for credentials by the option specified in the next section.

See the standard HTML rule Web-Login-SecuredBasic for an example. By default, this rule runs when all of the following are true:

• The Use SSL option is selected
• An unauthenticated user navigates to PRPC through an unsecured port
• No rule is specified in the Initial Challenge Stream field.

Select to instruct PRPC to use the Basic Authentication browser pop-up window to gather user credentials.

Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the log-in form that gathers user credentials.

Select to cause PRPC to use the authentication timeout value specified in the user access groups to determine how long a user's session can remain inactive before users are prompted to identify themselves again. Leave this option cleared if timeout is managed by the application server or other facility external to PRPC.

Select to instruct PRPC to use the Basic Authentication browser pop-up window to gather credentials when a user's session times out.

Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that presents a form for gathering user credentials when the user's session times out.

Optional. Enter a URL. PRPC redirects the user to the URL specified in this field when the user's session times out. This field is not available when the Use PegaRULES Timeout option is selected.

Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the page that appears when a user's username/password combination does not pass authentication. (Commonly, one HTML rule is used for both the challenge stream and the fail stream.)

Specifies whether only those users whose operator ID records have the External option selected are allowed access through this authentication service or whether only those users whose operator ID records do not have the External option selected are allowed access through this authentication service.