Note: This tab is available only for custom authentication services.
Complete the Custom tab to specify how credential challenges and timeouts are managed.
Field |
Description |
| Secure Authentication | |
| Use SSL |
Select to require that users be authenticated through a Secure Sockets Layer secure port. They must use an HTTPS URL for authentication. If selected, verify that the application server that hosts your system uses HTTPS and that a URL is configured with the appropriate security constraints. |
| Initial challenge stream |
Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) to run if a user navigates to your system through a non-HTTPS URL. Design the page rendered by this HTML rule to redirect the user to an HTTPS URL where the user is challenged for credentials by the option specified in the next section. See the standard HTML rule Web-Login-SecuredBasic for an example. By default, this rule runs when all of the following are true:
|
| Challenge Options | |
| Use Basic Authentication for sign on |
Select to use the Basic Authentication browser pop-up window to gather user credentials. |
| Credential challenge stream |
Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the log-in form that gathers user credentials. |
| Timeout Options | |
| Use PegaRULES Timeout |
Select to use the authentication timeout value specified in the user access groups to determine how long a user session can remain inactive before users are prompted to identify themselves again. Leave this option cleared if timeout is managed by the application server or other external facility. |
| Use Basic Authentication for timeout |
Select to use the Basic Authentication browser pop-up window to gather credentials when a user's session times out. |
| Timeout Challenge Stream |
Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that presents a form for gathering user credentials when the user's session times out. |
| Redirect URL |
Optional. Enter a URL. The user is redirected to the specified URL when the user session times out. This field is not available when the Use PegaRULES Timeout option is selected. |
| Other | |
| Authentication fail stream |
Optional. Identify the second key part of an HTML rule (where the Applies To key part is @baseclass) that provides the page that appears when a user's username/password combination does not pass authentication. (Commonly, one HTML rule is used for both the challenge stream and the fail stream.) |
| Source of Operator Credentials |
Specifies whether only those users whose operator ID records have the External option selected are allowed access through this authentication service or whether only those users whose operator ID records do not have the External option selected are allowed access through this authentication service. |