cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can Bookmark boards, posts or articles that you'd like to access again easily! X

How to avoid Thingworx custom javascript sql code of one machine being exposed in another machine

Siddharth_Jhs
14-Alexandrite

How to avoid Thingworx custom javascript sql code of one machine being exposed in another machine

Hi Team,

We have a requirement to encrypt our custom code and then deploy it in another machine for security purpose. For this I built an extension using java eclipse code as mentioned in following link :

https://support.ptc.com/help/thingworx/platform/r9/en/index.html#page/ThingWorx/Help/Best_Practices_for_Developing_Applications/EclipsePluginCreatingAnExtensionProject.html#

 

But when I imported my custom extension, I can still see my custom code in another machine. Please guide me to avoid such scenario. Attaching you screenshot of Sample Project I created for testing.

Steps followed: 

1) Created Sample Project in machine 1 and exported zip file of source control entities.

2) Eclipse--> New ---> Thingworx Extension Project

3) Created New Folder under Project with name as Entities and pasted all folders of Source Control entities in this folder Entities

4) executed ant-build command to build extension project.

5) Go to directory where built file is created and import it in machine 2 

D:\Thingworx_Development\Sample_Project_Ext\build\distributions\Sample_Project_Ext.zip

 

 

Regards,

Sid

1 ACCEPTED SOLUTION

Accepted Solutions

Hello,

 

The only way I know how to hide the code from within composer is to create everything as java based entity in an extension as mentioned.

 

I however strongly recommend against this approach. If you do go forward with the extension make sure it is fully thought out and validated.  We have seen where these types of solutions are harder to maintain, debug, and can have longer development times.  Every change to your solution will also require a platform restart to have the latest changes deployed.

 

You may be able to take a different approach and remove all users from the composer user group.  Then assign only the Administrator to this group,  This will prevent all but specific users from accessing the /composer url.  This would hide the javascript code and ability to export entities to "authorized" users.  If you go with this approach make sure to spend extra time initially validating the solution and permissions as this group is used to provide some OOTB permissions that will need to be re-granted.

 

Thanks,

 

Travis

View solution in original post

2 REPLIES 2

Hi @Siddharth_Jhs 

 

I just created a Thingworx extension

 

I'm not able to see the code of entities that I created in eclipse 

 

C2.PNG

 

C1.PNG

 

But I'm able to see the code of the entity that I created in Thingworx and exported as an XML file

C3.PNG

 

I think if you want to encrypt/hide the code, you have to recreate all entities in eclipse 

 

/ VR

Hello,

 

The only way I know how to hide the code from within composer is to create everything as java based entity in an extension as mentioned.

 

I however strongly recommend against this approach. If you do go forward with the extension make sure it is fully thought out and validated.  We have seen where these types of solutions are harder to maintain, debug, and can have longer development times.  Every change to your solution will also require a platform restart to have the latest changes deployed.

 

You may be able to take a different approach and remove all users from the composer user group.  Then assign only the Administrator to this group,  This will prevent all but specific users from accessing the /composer url.  This would hide the javascript code and ability to export entities to "authorized" users.  If you go with this approach make sure to spend extra time initially validating the solution and permissions as this group is used to provide some OOTB permissions that will need to be re-granted.

 

Thanks,

 

Travis

Top Tags