We had a authentication service that we have disabled by recently from Servlet Management. Now when we access the disabled url, we see standard Error screen, but we want to show a customized message instead. Can you please suggest how we can handle this.
When you disable an Authentication Service (SAML, OAuth, Custom) from Configure β System β Security β Authentication β Services, the mapped login URL will immediately return a generic Pega error page because Pega fails early in the servlet pipeline before authentication handoff happens. This request never reaches your Auth Service rule, so you cannot override the UI using Authentication Service extension rules (pyChallenge, pyAuthenticationActivity, pyGetAuthenticationParameters, etc.)- hence standard PRServlet error screen.
You can try one of the below approaches:
-
Configure a Web Server / Load Balancer Rewrite Rule: When the URL of a disabled SAML Authentication Service is hit configure Apache/Nginx/Akamai/IIS/F5 to intercept and redirect to a custom HTML or Pega landing page.
/prweb/PRAuth/
Example (Apache):
RewriteEngine On
RewriteRule ^/prweb/PRAuth/YourSAMLAuthService$ /Org-custom-message.html -
Replace the Disabled Service with a βStubβ Authentication Service That Always Shows a Custom Message : Instead of disabling the Auth Service in Servlet Management, leave the servlet ACTIVE but - Remove SSO configuration. Set Authentication type to Custom. Point pyChallenge to a simple section/HTML rule that shows your custom message - βOrg-Custom-Messaeβ .Ensure the Authentication Activity returns Fail immediately
Be cautious of this approach - make sure that this stub service should not be used for actual authenticaiton.ion.
1 Like