Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Verifying requests when using custom controls

Updated on July 1, 2021

Pega Platform protects access to information in your application by using role-based settings and access control policies. Pega Platform provides additional request verification when you use autogenerated controls.

To identify the rules that you need to configure, see Identifying the custom controls to configure.

When you see the message "Unregistered request encountered" in the security alert log, you need to fix the behavior of the non-autogenerated control that invokes the specified activity. There are three ways to register the rule or encrypt the URL to prevent this alert from being logged, depending on the rule type.

  1. Configuring the custom control by using the rule form — Use the rule form when a control such as a button calls the Run Script action, which in turn calls a custom function.
  2. Configuring the custom control by encrypting the URL in JavaScript — Use JavaScript when you cannot use the rule form and your control calls custom JavaScript.
  3. Configuring the custom control by registering the action page in Java — Use Java when your control calls a custom rule (other than a function) and you do not have access to JavaScript.
  • Identifying the custom controls to configure

    Pega Platform protects access to information in your application by using role-based settings and access control policies. Pega Platform provides additional request verification when you use autogenerated controls. When your application supports access checking and includes non-autogenerated controls, you need to identify and fix the controls.

  • Configuring a custom control by using the rule form

    When you see the message "Unregistered request encountered" in the security alert log, you need to fix the behavior of the non-autogenerated control that invokes the specified rule.

  • Configuring the custom control by encrypting the URL in JavaScript

    When you see the message "Unregistered request encountered" in the security alert log, you need to fix the behavior of the non-autogenerated control that invokes the specified rule. There are various ways to register the rule or encrypt the URL to prevent this alert from being logged. Use JavaScript when you cannot use the rule form and your control calls custom JavaScript.

  • Configuring the custom control by registering the action page in Java

    When you see the message "Unregistered request encountered" in the security alert log, you need to fix the behavior of the non-autogenerated control that invokes the specified rule. There are various ways to register the rule or encrypt the URL to prevent this alert from being logged. Use Java when your control calls a custom rule (other than a function) and you do not have access to JavaScript.

Tags

Pega Platform 8.5 Security

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Visit the Support Center

Did you find this content helpful?

Yes
No

Want to help us improve this content?
Suggest an edit

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us