cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you get an answer that solved your problem? Please mark it as an Accepted Solution so others with the same problem can find the answer easily. X

Removing access to Squeal with Tomcat Security Constraints

No ratings

The Squeal functionality has been discontinued with ThingWorx 8.1, see ThingWorx 8.1.0 Release Notes

 

There might be scenarios where it should be disabled in earlier versions as well. This can be achieved e.g. with Tomcat Security Constraints. To add such a constraint, open <Tomcat>\webapps\Thingworx\WEB-INF\web.xml


At the end of the file add a new constraint just before closing the </web-app> tag:

 

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Forbidden</web-resource-name>
    <url-pattern>/Squeal/*</url-pattern>
  </web-resource-collection>
  <auth-constraint/>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

Save the file and restart Tomcat.


Accessing the /Thingworx/Squeal resource now will result in an error message:

 

HTTP Status 403 - Access to the requested resource has been denied

 

One scenario to be aware of is when the web.xml changes, e.g. due to updating ThingWorx or other manual changes. In such a case, ensure that the filter is still present in the file and taken into account.

Version history
Last update:
‎Mar 21, 2018 04:44 AM
Updated by:
Labels (3)