cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you get an answer that solved your problem? Please mark it as an Accepted Solution so others with the same problem can find the answer easily. X

Permissions for Repositories Missing

Ike@ACE
15-Moonstone

Permissions for Repositories Missing

I'm trying to allow access to a File Repository for a specific user. I already visibility for the repository and persistance provider. I also added run-time permission of GetFileListing. I haven't been able to figure what other permission(s) I may need to include to get Things (technical term) to work as intended. I've tried the adding the user to "All" run-time permissions, but that didn't work. Does anybody know what I need?

11 REPLIES 11
Velkumar
19-Tanzanite
(To:Ike@ACE)

Hi Ike@ACE 

 

Do you see any errors while executing the service? 

 

Also, include the application log so we can look into it 

 

/VR

Ike@ACE
15-Moonstone
(To:Velkumar)

No errors have appeared since I added the permission that I mentioned. The only thing that has been appearing has been a SECURITY FAILURE thing. I am unable to provide logs as the servers are hosted by PTC.

Velkumar
19-Tanzanite
(To:Ike@ACE)

Hi Ike@ACE 

 

A screenshot of the Application Log and Script Log from the composer will help.

 

/VR

Ike@ACE
15-Moonstone
(To:Velkumar)

 

This error literally says that the value of the "x-arr-ssl" and "forwarded" HTTP request headers doesn't match the security regex. It has little to do with ThingWorx permissions configuration. First, make sure those errors correlate with your GetFileListing invocations (check the timing). If they do -- see why those headers get appended to the request, if they don't -- see where they come from in the first place. Also, AFAIK those regex are configurable, but you'd need to have direct access to Tomcat to do it.

 

/ Constantine

Ike@ACE
15-Moonstone
(To:Ike@ACE)

I did a little more research into the errors that I shared and I came up with an article that points to them being harmless but annoying because they make your logs longer than they need to be without adding anything helpful. Hooray. We're back to square one. Thanks for the attempt, though.

How is your user trying to invoke the GetFileListing service?  Is this from a mashup?  Is the user directly calling the service or calling via a helper thing?  If calling via a helper thing make sure you allowed the system user the ability to call the repository services.

 

Thanks,

 

Travis

The GetFileListing service is being called by the user of a Vuforia experience. The "es-public-user" in the log is specific to Vuforia Experience Services. I'm storing some things that are being used by the experience in repositories.

What error do you get in Vuforia Studio? Are you sure that the service is triggered to be called?

 

To rule out permission issues my strategy is to add the user to the "Administrators" group temporarily and see if it works. If it does -> must be an permission issue. Normaly, permission issues are also logged in ApplicationLog - so it is weird that it is not logged.

 

If you cannot add the user to Administrators can you try executing the service via REST API e.g. with curl with the user:

curl -X POST -H -u <USERNAME>:<PASSWORD> -H "Content-Type: application/json" -d '{"path":"/"}' http://<HOSTNAME>:<PORT>/Thingworx/Things/SystemRepository/Services/GetFileListing

You may give the user a password if he does not have one yet. This is to rule out that the issue is not with vuforia studio.

 

Ike@ACE
15-Moonstone
(To:nmutter)

I have the same strategy. I take it one step further by then logging in as the es-public-access user to do permission checking with the user most of our customers will be using. It is the es-public-access user that is not giving me the errors I need to get this thing fixed.

slangley
23-Emerald II
(To:Ike@ACE)

Hi Ike@ACE.

 

At this point, the best thing to do is to open a case.  I will be happy to open one on your behalf with your approval.

 

Regards.

 

--Sharon

Announcements


Top Tags