Question

Setting Response Code in response from authentication activity for a rest service package.

Hi

I am invoking a custom authentication from a service package and setting a failed challenge stream in case of failure. All works fine but the response in the return still shows response code of 200. I want it to be 401. How can we control the response code returned from authentication activity?

If we don't set challenge stream then response code is getting set as 401.

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Comments

Keep up to date on this post and subscribe to comments

Pega
November 21, 2016 - 12:31pm

Hi,

I think since you're handling the authenticaiton failure in a html stream, so it is just redirecting or rendering the html stream on failure and hence you will not get 401 unauthorized error code. You might have to remove the challenge stream handling for authentication.

Thanks,

Habeeb Baig

 

November 22, 2016 - 9:14am
Response to HabeebBaig

Yes Habeeb. That's what I noticed. If we don't set challenge stream, 401 gets returned. We can go by this approach, but downside is that it is creating Exception entries in the logs which might not reflect good.

Pega
December 1, 2016 - 7:43am

If you have tried this approach already, can you please share the exception which you saw in logs related to 401 error?

I am expecting that to be as warning than error, however if you please share the exception you saw in logs would bring some clarity here.

 

June 2, 2017 - 3:22pm
Response to HabeebBaig

Hi @HabeebBaig - I am also having same issue. Below is the log stack trace when we don't set pyChallenge param:

(  internal.services.ServiceAPI) ERROR servername |Rest|ServicetPackage|MyOrg-Dept-App-Work|CreateCasesWrap|A9DCC2568FAC3F99CE3DF1C9D6EDC4A28  - Rest service [ServicePackage][MyOrg-Dept-App-Work][CreateCasesWrap] failed:Service requestor could not be authenticated:com.pega.pegarules.pub.services.ServiceException: Service requestor could not be authenticated 
at com.pega.pegarules.integration.engine.internal.services.ServiceAPI.handleAuthentication(ServiceAPI.java:1598) 
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.activityExecutionProlog(EngineAPI.java:548) 
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequestInner(EngineAPI.java:383) 
at sun.reflect.GeneratedMethodAccessor303.invoke(Unknown Source) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
at java.lang.reflect.Method.invoke(Method.java:606) 
at com.pega.pegarules.session.internal.PRSessionProviderImpl.performTargetActionWithLock(PRSessionProviderImpl.java:1270) 
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:1008) 
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:841) 
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequest(EngineAPI.java:331) 
at com.pega.pegarules.integration.engine.internal.services.http.HTTPService.invoke(HTTPService.java:420) 
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl._invokeEngine_privact(EngineImpl.java:315) 
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:263) 
at com.pega.pegarules.session.internal.engineinterface.etier.ejb.EngineBean.invokeEngine(EngineBean.java:225) 
at sun.reflect.GeneratedMethodAccessor277.invoke(Unknown Source) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
at java.lang.reflect.Method.invoke(Method.java:606) 
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethod(PRBootstrap.java:370) 
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethodPropagatingThrowable(PRBootstrap.java:411) 
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:223) 
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingException(AppServerBridgeToPega.java:245) 
at com.pega.pegarules.internal.etier.ejb.EngineBeanBoot.invokeEngine(EngineBeanBoot.java:168) 
at sun.reflect.GeneratedMethodAccessor276.invoke(Unknown Source) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
at java.lang.reflect.Method.invoke(Method.java:606) 
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) 
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) 
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) 
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131) 
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119) 
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34) 
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54) 
at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42) 
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) 
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131) 
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119) 
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) 
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) 
at com.sun.proxy.$Proxy56.invokeEngine(Unknown Source) 
at com.pega.pegarules.internal.etier.ejb.EngineBMT_h449u3_ELOImpl.__WL_invoke(Unknown Source) 
at weblogic.ejb.container.internal.SessionLocalMethodInvoker.invoke(SessionLocalMethodInvoker.java:39) 
at com.pega.pegarules.internal.etier.ejb.EngineBMT_h449u3_ELOImpl.invokeEngine(Unknown Source) 
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngineInner(JNDIEnvironment.java:278) 
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngine(JNDIEnvironment.java:223) 
at com.pega.pegarules.web.impl.WebStandardImpl.makeEtierRequest(WebStandardImpl.java:574) 
at com.pega.pegarules.web.impl.WebStandardImpl.doPost(WebStandardImpl.java:374) 
at sun.reflect.GeneratedMethodAccessor301.invoke(Unknown Source) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
at java.lang.reflect.Method.invoke(Method.java:606) 
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethod(PRBootstrap.java:370) 
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethodPropagatingThrowable(PRBootstrap.java:411) 
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:223) 
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethod(AppServerBridgeToPega.java:272) 
at com.pega.pegarules.internal.web.servlet.WebStandardBoot.doPost(WebStandardBoot.java:121) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) 
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) 
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) 
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301) 
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:184) 
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3750) 
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3714) 
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) 
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120) 
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2283) 
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2182) 
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1491) 
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263) 
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221) 

Caused by: com.pega.pegarules.pub.PRRuntimeException: No failure response set by custom authentication activity 
at com.pega.pegarules.session.internal.mgmt.authentication.SchemePRCustom.onAuthenticationFailure(SchemePRCustom.java:956) 
at com.pega.pegarules.session.internal.mgmt.authentication.Authentication.doAuthentication(Authentication.java:630) 
at com.pega.pegarules.integration.engine.internal.services.ServiceAPI.handleAuthentication(ServiceAPI.java:1578) 
... 71 more