NullPointerException while reading header in Custom Authentication for Service Package
We've encountered NullPointerExceptions in a SOAP Service Package using a custom authentication activity that accesses pxHTTPServletRequest.
Tracing the authentication activity through the Service requestor shows this to be empty, which would be expected outside the context of authentication.
The PDN article below, references a Hotfix (HFix-22594) that doesn't appears to have a fixed in version of ML9 in PMF, this in turn references a like HotFix for SOAP (Hfix-20351).
Can someone please confirm what ML HFix-20351 has been ported into, and further given that different Hotfixes were required for REST and SOAP, whether more changes are required or have been made to address other Service Types?
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
The Soap correction is documented as fixed in Pega 7.1.8 and the rest in Pega 7.1.9.
Here is the content from a pending support article sans image. Check that your code matches
SUMMARYUsing Pega 7.1.8 and calling PegaAPI for case and data. You would like use a security token in the request header instead of Basic Authorization.
ERROR MESSAGESNot Applicable
STEPS TO REPRODUCENot Applicable
ROOT CAUSENot Applicable
RESOLUTIONModify API Service Package to use Custom Authentication type instead of Basic.
Then write an Authentication Activity for this Custom Authentication Service that retrieves the security token from the request header and does user validation for Authenticating the request for invoking PegaAPI Rest service.Here is the code that can be used in a java step inside the Authentication Activity for retrieving the token from the request header.javax.servlet.http.HttpServletRequest request = (javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");String your_user = request.getHeader("your_token");tools.putParamValue("your_token ", your_token);
Keep up to date on this post and subscribe to comments
- Custom Authentication Service in Service Package and consume Service REST
- Usage of Custom Authentication Activity in the level of service package for Service REST
- How to read custom headers Service rule?
- "Require Authentication" in service package for Email Listener- Email Service
- Pooling configuration with authentication possible in the service package rule form? (PRPC 6.3sp1)