Is the webservice available without logging in?

[ivo]

Hi All!

Is there a way of accessing a correctly deployed RA webservice without logging into to RA from a script?

I mean if I login to the RA and type in the URL of the webservice into the browser everything works fine and I see the desired output of the webservice. However if I log out RA and access the webservice from the browser again, I see the login page and no output. Is this a feature? Is there a way of making public webservices?

If deploying a public webservices is impossible, is there a native method of logging in that i can code into an application or script (beside try hacking around with cURL)?

Thanks for all the replies in advance!

Ivo

[Ingo Mierswa]

Hi Ivo,

yes, making a web service publicly accessible is indeed possible. As far as I remember you will have to allow the user "Anonymous" the access. After that you can access the web service (and other resources) via the known URL but you will have to replace "resources" by "public_resources" and "processes" by "public_processes". I am not completely sure about the details but Simon is certainly able to help.

This is fine if you can make the services publicly available. If your services have to be used under a user management, the best and simplest way is to use Single-Sign-On (SSO). However, SSO support is only part of the Enterprise Edition of RapidAnalytics.

Hope that helps. If not, please ask again since I am not completely sure about the paths stated above and we would have to ask Simon in that case.

Cheers,
Ingo

[ivo]

Thanks for the fast reply!

It is great to hear that the public access is possible, however I could not setup an Anonymous user role in the RA for the given process/webservice. I see two config parameters with a possible connection to the public access in the System Information > System Settings tab.
These are:
com.rapidanalytics.web.anonymous_resources
com.rapidanalytics.web.anonymous_services
Should these be altered in some way to enable public access? Furthermore if these should be modified, where could i preform the modification procedure? Is there a config file available?

Thanks for the help!

Ivo

[Simon Fischer]

Hi,,

yes, both properties must be set to true, AND you must create an "anonymous" user (lower case).

That should do the job. The URL context path is public_process (singular).

Best,
Simon

[inzenjer.mostar]

Can somebody please explain to me where and how i can change the parameters

com.rapidanalytics.web.annonymous_resources
com.rapidanalytics.web.annonymous_services

Thanks

[inzenjer.mostar]

Please i need the exact procedure what i have to do to allow anonymous access to a web service. I allerady have a web service that i can acces through the browser (when i previously logged in as admin). But i want to acces the web service through a windows forms application without login. Can you please explain me the details. How to set the parameters. How to create annoymous user. What do you mean with "The URL context path is public_process (singular)."

Thanks in advance!

[inzenjer.mostar]

I found it out by myself how to call web services without login

First add to the Administration->System Settings two parameters both with value true:

com.rapidanalytics.web.anonymous_resources         true
com.rapidanalytics.web.anonymous_services            true

and then when calling the web service in external aplication you use the same URL with a small change:
just replace the part ".../process/..." with "../public_process/..."

[Simon Fischer]

Hi,

yes, that's the right way to do it.

Best,
Simon

[adaman]

Hey,

i did everything as it is explained above but if i trie to call the webservice from php i get the following error.

Warning: file_get_contents(http://myIP/RA/public_process/Use_Modells_NaiveBayes?) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 403 Forbidden in /myPath/index.php on line 9
Array (

• => HTTP/1.1 403 Forbidden [1] => Server: Apache-Coyote/1.1 [2] => Set-Cookie: JSESSIONID=0136055020702B60B2D87BA002376E50; Path=/RA [3] => Content-Type: text/html;charset=utf-8 [4] => Content-Length: 1124 [5] => Date: Fri, 17 Jun 2011 13:45:34 GMT [6] => Connection: close ) Ungueltiger Aufruf des Web Services.

If i call it directly from the browser no problems the service returns an html table.

If i call it without

/public_process/

i get a response 200 OK but if i trie to show the result i get the rapidanalytics screen to enter username and password. If i do so, i get an error

Not Found The requested URL /my/path/j_security_check was not found on this server.

_________________________
The way i call the service from php is as follow

Code:

      $webservice =  'http://myIP/RA/public_process/Update_Modells_NaiveBayes?';

        // WebService aufrufen
        $xml = file_get_contents($webservice);

        // HTTP Status auslesen
        if(isset($http_response_header[0])) {
                list($version,$status_code,$msg) = explode(' ',$http_response_header[0], 3);
        }

        print_r($http_response_header);

        // HTTP Status ueberpruefen
        if($status_code != 200) {
                die('Ungueltiger Aufruf des Web Services.');
        }

Please could someone help me :-) as i need to call the service from PHP

Greetings

[adaman]

Ok my fault, after i copied the process to the folder of the anonymous user and again published the process as web service, i was able to call it through the above PHP code

[michaelhecht]

Hmmm .. I did the same but now I get the message: "Access to my_workflow_directory not allowed for user anonymous"
I granted permission to all repository directories for anonymous but this didn't help.

[michaelhecht]

Finally I allowed the users to access the repository directories and now anonymous can also
execute the workflows.

[Uwe]

Hi

it looks like, that you are writing an programm that use the webservice.

I know you can use most of HTTPRequest classes (independent which programming-language you are use) with authorizing.

One possibilty i hope I remeber the right things is : http://username:password@url .
The other way is authorizing by the used class. In Windows .NET there are Credentials you have to set.
Read the documentation for the class that you use.

This way may faster, better and more secure ... This is depending on the security of system. It did'nt work e.g. in the Joomla CMS Authorisation.
Uwe

[Simon Fischer]

Hi,

the http://username:password@url won't help. It may be interpreted by browsers or FTP client, but it won't help you in connecting to a Web service from an application. One reason is the fact that the "username:password" does not at all tell you what the authentication mechanism is. But I can: You can simply use plain basic HTTP authentication to do it. That should be easily possible from most programming languages.

Best,
Simon