Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

You lack access required to execute RULE-OBJ-ACTIVITY

SA-6203

Summary



Users see authentication errors in log files when their applications try to call authenticated activities from a service activity for which the service package authentication option is unchecked.


Error Messages



You lack access required to execute RULE-OBJ-ACTIVITY @BASECLASS ACTIVITYSTATUSEXCEPTIONHANDLER
You lack access required to execute RULE-OBJ-ACTIVITY @BASECLASS PXMENUBARTRANSLATOR



09:29:36,668 [127.0.0.1,-15] ( internal.mgmt.Executable) ERROR your_server|127.0.0.1 - Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS PXMENUBARTRANSLATOR #20120713T020743.694 GMT
com.pega.pegarules.pub.PRRuntimeException: Error: You lack access required to execute RULE-OBJ-ACTIVITY @BASECLASS PXMENUBARTRANSLATOR #20120713T020743.694 GMT.
at com.pega.pegarules.session.internal.mgmt.Executable.activityProlog(Executable.java:654)
at com.pegarules.generated.activity.ra_action_pxmenubartranslator_dab5c26f40591f76e60a0412a7839e03.perform(ra_action_pxmenubartranslator_dab5c26f40591f76e60a0412a7839e03.java:55)
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3098)
at com.pega.pegarules.session.internal.mgmt.base.ThreadRunner.runActivitiesAlt(ThreadRunner.java:617)
at com.pega.pegarules.session.internal.mgmt.PRThreadImpl.runActivitiesAlt(PRThreadImpl.java:593)
at com.pega.pegarules.session.internal.engineinterface.service.HttpAPI.runActivities(HttpAPI.java:2862)
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequestInner(EngineAPI.java:394)
at sun.reflect.GeneratedMethodAccessor362.invoke(Unknown Source)


Steps to Reproduce



Unknown


Root Cause



A defect in Pegasystems’ code or rules
The service layer does not bypass authentication for all services where Authenticate? is not selected (and thereby not required) on their service packages.

Resolution



Apply HFix-20837.
Restart the application server.

After you install the hotfix, check and adjust, as needed, the application's Activity record, the Security settings and related Authentication settings:
  1. In the Activity record, the Security tab, select or clear -- depending on your needs -- the check box labeled Authenticate?
    Selecting the check box specifies that only authenticated requestors can start the activity.
    See the PRPC 6.3 SP1 Help topic, https://community.pega.com/sites/default/files/help_v63sp1/Default.htm#rule-/rule-obj-/rule-obj-activity/security.htm.
  2. Then also check the following settings in your application to make sure that they match your Authentication choice of Step 1:
  • The access group of the service package rule 
  • The access group of the agent rule 
  • The access group of the agent scheduler 

Published April 6, 2019 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us