Community Tip - You can Bookmark boards, posts or articles that you'd like to access again easily! X
Hi ,
i tried from the thread Mashup access without login ,but its not working
The last but 1 comment. I am trying this solution.
"Another solution to this would be to create a Custom Authenticator. When that custom authenticator's matchesAuthRequest is called, you can verify hat request is for the URI of the mashup that contains the static content. If so, then return true from the matchesAuthRequest method. This will cause the authentication infrastructure to call the Custom Authenticators authenticate method. In that method, do not check any credentials, merely set the user credentials to be a public or guest user and allow the authenticate method to exit normally without error. The request will then continue to propagate the request through the system that will cause a guest user to be viewing the static mashup. Make sure the guest user only has access to the static mashup page or other guest content. You may also want to set the home mashup of the guest user as the static content in case the guest user is used to log in via the standard login prompt. You can then also lock out any access to the static mashup or other content the guest user has access to by simply disabling the guestuser. Note that if a request is processed for any other URI, then the Custom Authenticator should not match the auth request (i.e. return false frommatchesAuthRequest) and then the authentication infrastructure will water flow to the next available authenticator that can match the request; if none can match the request the authentication handling eventually reaches the Http Basic Authenticator that displays the standard Thingworx browser login prompt."
I am failing in the steps highlighted above. how set the Anonymous User have permission to access a particular mash up.I have updated the Home Mashup. Its does not work.
The Application Log should tell you what errors are coming up.
just setting permissions on a mashup actually will not accomplish anything, what you need to make sure off is that the User has permissions to:
1. See the mashup and required entities (Visibility)
2. User can execute all necessary services involved in rendering the mashup
Application Log will be the best place to look.
Hi Thanks, I had had to set the visibility.
Even if I use the appkey or if i use an authenticator , Apart from the static Mashups, the guest user is also able to login into the composer
using http://<Server>/Thingworx/Composer/index.html. After loading the static Mashups.
How do I restrict that ?
I believe at this time, the composer login can not be prevented.
However proper configuration should prevent them from doing anything they aren't supposed to do nor see what they are not supposed to see.
Also with the home mashup set, they would have to put the exact link in to Composer to get to composer.