Portlet authentication issue


I'm trying to use the default PRPortletService to login in my AppID, but I'm always getting this error: "Encrypted section in url does not match what PegaRULES computed."


The URL I'm using is http://www.servername.com:8080/prweb/PRPortletService?From=MyAppID&SenderTime=20130612100000&pw=XXXXXXXXXXXXXX

Where pw is the encryption of the url "/prweb/PRPortletService?From=MyAppID&SenderTime=20130612100000&pw=MyAppID.pyPassword"


The activity used to authenticate is PortletAuthenticationExample which calls VerifySecurityToken-GMT activity. From my tests it seems that PARAM.pw is never get set, and it doesn't take the value in my query string, while PARAM.Form and PARAM.SenderTime are correctly populated with query string value.


Test performed:

  1. I've saved the VerifySecurityToken-GMT activity in my rulest, add a step at the beginning to set PARAM.pw equal to the one I'm passing in the URL used and the validation succeeds (Tested running within the user portal with tracer on) -> This (should) means that if the PARAM.pw is correctly set with the query string value the authentication (should) succeeds

Anyone got the same issue and fixed it?

I'm working on a cloud instance and I'm not able to deploy my own PortletService, neighter change these rules because their rulesets are locked, and saving into mine, runtime they will not get.


Thank you

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.


Keep up to date on this post and subscribe to comments

November 17, 2016 - 10:51am

We got the same error Encrypted section in url does not match what PegaRULES computed

This is a PRPC 7.1.9 + Tomcat + Oracle + Linux setup.

We performed the following verifications and made necessary corrections.