Mashup: URLEncryption in Pega Platform 7.4
SummaryChanges in Pega 7.4 for Pega Web Mashup use a script block wihch includes a call to the pzIncludeMashupScript activity:<script src ='https://<prpc_server>/prweb/PRServlet?pyActivity=pzIncludeMashupScripts></script>With URLEncryption enabled on the Pega Platform server level, the script SRC does not work.
Error MessagesNot Applicable
Steps to ReproduceUnknown
Root CauseWhen using URLEncryption for Web Mashup, the default method of including the Mashup scripts fail because the call to pzIncludeMashupScripts was not encrypted.
ResolutionPerform the following to use URL
Encryption in Pega 7.4.1. Apply the following hotfixes:
2. URL Mapping Rule:
- Add a new URL Mapping rule in a ruleset defined in an AccessGroup used for unauthenticated requestors.
- Add a new custom mapping with alias of IncludeMashupScript
- Call the pzIncludeMashupScripts activity with the disableCompacting = true parameter (required when using encryption)
3. Mashup Changes:
<script src ='http://<prpc_system>/prweb/IAC/IncludeMashupScripts'></script>Enable the encryption and force post:<script>
Script reference uses URL Mapping:
</script>The below Mashup Attribute is required such that the redirects occur correctly:data-pega-redirectguests = "true"4. Dynamic System Settings (DSS):Pega-Engine prconfig/authentication/redirectguests/default = true
The DSS setting must be set to true or removed when PRGateway is not used. The data-pega-redirectguestsmashup attribute is used instead to control this.
5. Standard settings for URLEncryption:Pega-Engineprconfig/initialization/urlencryption/default = true
Pega-Engine prconfig/initialization/submitobfuscatedurl/default = required
Published March 1, 2019 — Updated March 7, 2019