Question

NullPointerException while reading header in Custom Authentication for Service Package

We've encountered NullPointerExceptions in a SOAP Service Package using a custom authentication activity that accesses pxHTTPServletRequest.

Tracing the authentication activity through the Service requestor shows this to be empty, which would be expected outside the context of authentication.

The PDN article below, references a Hotfix (HFix-22594) that doesn't appears to have a fixed in version of ML9 in PMF, this in turn references a like HotFix for SOAP (Hfix-20351).

https://pdn.pega.com/support-articles/nullpointerexception-while-reading-header-for-rest-service

Can someone please confirm what ML HFix-20351 has been ported into, and further given that different Hotfixes were required for REST and SOAP, whether more changes are required or have been made to address other Service Types?

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Correct Answer
September 30, 2015 - 10:22am

Hi Joel,

The Soap correction is documented as fixed in Pega 7.1.8 and the rest in Pega 7.1.9.

Here is the content from a pending support article sans image. Check that your code matches

Article Content

SUMMARYUsing Pega 7.1.8 and calling PegaAPI for case and data. You would like use a security token in the request header instead of Basic Authorization. 

ERROR MESSAGESNot Applicable

STEPS TO REPRODUCENot Applicable

ROOT CAUSENot Applicable

RESOLUTIONModify API Service Package to use Custom Authentication type instead of Basic.

Then write an Authentication Activity for this Custom Authentication Service that retrieves the security token from the request header and does user validation for Authenticating the request for invoking PegaAPI Rest service.Here is the code that can be used in a java step inside the Authentication Activity for retrieving the token from the request header.javax.servlet.http.HttpServletRequest request = (javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");String your_user = request.getHeader("your_token");tools.putParamValue("your_token ", your_token);

Comments

Keep up to date on this post and subscribe to comments

September 30, 2015 - 10:22am

Hi Joel,

The Soap correction is documented as fixed in Pega 7.1.8 and the rest in Pega 7.1.9.

Here is the content from a pending support article sans image. Check that your code matches

Article Content

SUMMARYUsing Pega 7.1.8 and calling PegaAPI for case and data. You would like use a security token in the request header instead of Basic Authorization. 

ERROR MESSAGESNot Applicable

STEPS TO REPRODUCENot Applicable

ROOT CAUSENot Applicable

RESOLUTIONModify API Service Package to use Custom Authentication type instead of Basic.

Then write an Authentication Activity for this Custom Authentication Service that retrieves the security token from the request header and does user validation for Authenticating the request for invoking PegaAPI Rest service.Here is the code that can be used in a java step inside the Authentication Activity for retrieving the token from the request header.javax.servlet.http.HttpServletRequest request = (javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");String your_user = request.getHeader("your_token");tools.putParamValue("your_token ", your_token);

September 30, 2015 - 11:04am
Response to JimKelly_GCS

Hey Jim,

Thanks for the response, I've now confirmed SOAP and REST in a Personal Edition are working as expected; is there any indication as to how other service types may deal with this?

February 18, 2016 - 5:27am
Response to JoelMcLeish

Hi Joel,

Can you tell me which Version of PRPC did you test it with? I tested it using SOAP Service both in PRPC 7.1.8 and 7.1.9 and in both cases I get an NPE. It seems like I still Need a hot fix.

Cheers,

Piotrek

February 18, 2016 - 5:31am
Response to PiotrCzubaszek

Hey Piotr,

It was 7.1.9 I tested with, I can see if I can drag up how I tested next week.

Cheers,

Joel

September 30, 2015 - 11:37am

Hi Joel

I'm not sure. Is there another case you have in mind?

September 30, 2015 - 11:41am
Response to JimKelly_GCS

JMS and MQ are a primary concern at present, I only ask as it appears these required separate Hot Fixes for SOAP and REST so on the surface it would suggest that the fix is service type specific.

October 7, 2015 - 7:54pm
Response to JimKelly_GCS

Hey Jim,

Is there any further info on this, or should I go ahead and raise a 'General Question' SR.

Cheers,

Joel