For an example on how to create such an activity and HTML Rule, see the post:
- The Activity is accessed through a URL such as the one shown below.
- A login dialog appears and the user must provide valid Pega operator credentials to access the activity.
- After successful authentication, the Activiy is run and the HTML page is displayed in the browser:
This post shows how a new RuleSet and Access Group can be used to provide access to the activity for unauthenticated or guest users. That is, there will be no login screen and the activity will be accessed as an unauthenticated guest user using the
pega.BROWSER requestor type.
- Access Activity as Unauthenticated/Guest via URL with pzAuth Parameter
- Create a new Ruleset for Rules without Authentication
- Edit Access Group for Unauthenticated/Guest Users
- Save Rules into Ruleset for Unauthenticated Users
- Testing Access to the Activity Rule
- To access the Activity as an unauthenticated guest user, the query string parameter
pzAuth=guestis used, so that the URL is as shown below.
- Ensure to send this request from a browser with no active Pega session (e.g. log out of Designer Studio).
- Without additional changes, the request will fail and Pega will return an error page, indicating that the request is Unauthenticated:
- Requests from unauthenticated guest users will execute under the
- The Pega logs will indicate that the unauthenticated requestor does not have access to the specified activity rule.
Caused by: com.pega.pegarules.pub.generator.RuleNotFoundException: Failed to find a 'RULE-OBJ-ACTIVITY' with the name 'VIEWHELLOWORLD' that applies to 'PGX-MyStore-Work'. There were 1 rules with this name in the rulebase, but none matched this request. The 1 rules named 'VIEWHELLOWORLD' defined in the rulebase are: 1 related to applies-to class 'PGX-MyStore-Work', but were defined in rulesets which are not in your rulesetlist: 'MyStore:01-01-01'.
- The approach in this example is based on configuring a new RuleSet and using an access group for unauthenticated users to bypass Pega 7 login.
- In Designer Studio, navigate to + > SysAdmin > RuleSet to create a new RuleSet.
- Enter a name and version for the new rule set, here it is
- Click on Create and open.
- Select Application Validation and set the Effective Start Date to today’s date or earlier.
- Click on Save to continue.
Add new Ruleset to Application Production Rulesets
- Open your current application, here it is called
- On the Definition tab, expand the Advanced section and add the new RuleSet, here
MyStoreUnauthenticated:01-01, to the list of Production RuleSets.
- Click on Save and continue.
- Use the Records Explorer to view instances of Access Group.
- Filter the list using your application name, here
- Pega 7 may have automatically created an access group ending in
:Unauthenticatedwhen creating the application.
- If not, create a new access group using the +Create button.
- Click on the row of that instance, here
MyStore:Unauthenticatedto edit the access group.
- On the Advanced tab of the rule, add
Unauthenticated:01-01as a Production RuleSet.
Update the Requestor Type "pega.BROWSER"
- Use the Records Explorer to view instances of SysAdmin > Requestor Type.
- Open the
pega.BROWSERrequestor type by clicking on the instance row.
- This requestor type is configured to only have access as per access group PRPC:Unauthenticated.
- Edit the requestor type and set the access group to the one created earlier, here
- Open the current access group for authors of the application. Here it is
- Add the RuleSet for unauthenticated access (see section 2…) to the list of production RuleSets.
- Save the changes and logout of the Designer Studio and then login again.
- Open the Activity rule, here named
ViewHelloWorldand click on Save As.
- Select Production Rulesets for Context, the appropriate Apply to class and the previously created RuleSet for unauthenticated users, here
- Click on Create and open to continue and then on Check in to commit the changes.
- Repeat the steps for the HTML Rule used in the Show-HTML step, here
- Modify the HTML Rule as needed to customize it for unauthenticated guest users.
- Save and Check in the changes.
- Remove the ruleset for unauthenticated users from the list of production rulesets for the access group that is used to login when accessing the activity (…or create a new access group).
- In a new browser session, access the activity as an unauthenticated user with
- In a new browser session, access the activity as an authenticated guest user without the
- A login screen will appear. Enter the credentials of a Pega 7 operator ID that does not have access to the ruleset for unauthenticated users.
- The HTML Rule rule for authenticated users is applied and the page is rendered as shown below.