You are here: Reference > Data classes > Authentication Service data instances > Authentication Service form - Completing the Custom tab

Authentication Service form
Completing the Custom tab

  1. About 
  2. New 
  3. Service 
  4. SAML 2.0
  5. Mapping 
  6. Custom 
  7. History 
  8. More... 

Note: This tab is available only for custom authentication services.

Complete the Custom tab to specify how credential challenges and timeouts are managed.

Field

Description

Secure Authentication  
Use SSL

Select to require that users be authenticated through a Secure Sockets Layer secure port. They must use an HTTPS URL for authentication. If selected, verify that the application server that hosts your system uses HTTPS and that a URL is configured with the appropriate security constraints.

Initial challenge stream

Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) to run if a user navigates to your system through a non-HTTPS URL. Design the page rendered by this HTML rule to redirect the user to an HTTPS URL where the user is challenged for credentials by the option specified in the next section.

See the standard HTML rule Web-Login-SecuredBasic for an example. By default, this rule runs when all of the following are true:

  • The Use SSL option is selected.
  • An unauthenticated user navigates to the system through an unsecured port.
  • No rule is specified in the Initial Challenge Stream field.
Challenge Options  
Use Basic Authentication for sign on

Select to use the Basic Authentication browser pop-up window to gather user credentials.

Credential challenge stream

Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the log-in form that gathers user credentials.

Timeout Options  
Use PegaRULES Timeout

Select to use the authentication timeout value specified in the user access groups to determine how long a user session can remain inactive before users are prompted to identify themselves again. Leave this option cleared if timeout is managed by the application server or other external facility.

Use Basic Authentication for timeout

Select to use the Basic Authentication browser pop-up window to gather credentials when a user's session times out.

Timeout Challenge Stream

Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that presents a form for gathering user credentials when the user's session times out.

Redirect URL

Optional. Enter a URL. The user is redirected to the specified URL when the user session times out. This field is not available when the Use PegaRULES Timeout option is selected.

Other  
Authentication fail stream

Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the page that appears when a user's username/password combination does not pass authentication. (Commonly, one HTML rule is used for both the challenge stream and the fail stream.)

Source of Operator Credentials

Specifies whether only those users whose operator ID records have the External option selected are allowed access through this authentication service or whether only those users whose operator ID records do not have the External option selected are allowed access through this authentication service.

Related Topics Link IconRelated information