Support Article
Pega+SAP integration issue with https - 403: Access forbidden
SA-37431
Summary
User is facing issues with the Pega and SAP integration and are looking for help on this integration piece and here is the complete info till the date.
1. Pega connects to SAP PO (Process Orchestrator) to receive the security token and SAP PO talks to SAP through standard APIs, SAP PO shepherds the calls through gateway.
2. Use case is to call a SAP OData service through REST.
3. Calls were made within the same session GET to receive the token and POST to actually perform the required operation (Read/write from/to SAP)
4. When Pega uses http protocol, it's being able to receive response from SAP.
5. But, when Pega uses https to call this service, they are getting 403 - access forbidden error, however certificates are installed on both client and server side.
6. Although user is having the Maintain session option checked in the REST connect rule, when using the HTTPS endpoint, user noticed that The Cookie sent through Pega in POST method have changed from GET Method. So the Maintain session option is not working.
Error Messages
403: Access forbidden error.
Steps to Reproduce
Run the activity from Pega which calls REST connect rule and have the Maintain session option checked.
Root Cause
A defect in Pegasystems’ code or rules.
The OOTB activity pyInvokeRESTConnector code always creates a new client when the endpoint is HTTPS even though Maintain session option checked in the REST connect rule.
Resolution
Apply HFix-34200 to resolve the issue.
Published May 17, 2017 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.