Community Tip - Did you get called away in the middle of writing a post? Don't worry you can find your unfinished post later in the Drafts section of your profile page. X
I'm trying to allow access to a File Repository for a specific user. I already visibility for the repository and persistance provider. I also added run-time permission of GetFileListing. I haven't been able to figure what other permission(s) I may need to include to get Things (technical term) to work as intended. I've tried the adding the user to "All" run-time permissions, but that didn't work. Does anybody know what I need?
Hi Ike@ACE
Do you see any errors while executing the service?
Also, include the application log so we can look into it
/VR
No errors have appeared since I added the permission that I mentioned. The only thing that has been appearing has been a SECURITY FAILURE thing. I am unable to provide logs as the servers are hosted by PTC.
This error literally says that the value of the "x-arr-ssl" and "forwarded" HTTP request headers doesn't match the security regex. It has little to do with ThingWorx permissions configuration. First, make sure those errors correlate with your GetFileListing invocations (check the timing). If they do -- see why those headers get appended to the request, if they don't -- see where they come from in the first place. Also, AFAIK those regex are configurable, but you'd need to have direct access to Tomcat to do it.
/ Constantine
I did a little more research into the errors that I shared and I came up with an article that points to them being harmless but annoying because they make your logs longer than they need to be without adding anything helpful. Hooray. We're back to square one. Thanks for the attempt, though.
How is your user trying to invoke the GetFileListing service? Is this from a mashup? Is the user directly calling the service or calling via a helper thing? If calling via a helper thing make sure you allowed the system user the ability to call the repository services.
Thanks,
Travis
The GetFileListing service is being called by the user of a Vuforia experience. The "es-public-user" in the log is specific to Vuforia Experience Services. I'm storing some things that are being used by the experience in repositories.
What error do you get in Vuforia Studio? Are you sure that the service is triggered to be called?
To rule out permission issues my strategy is to add the user to the "Administrators" group temporarily and see if it works. If it does -> must be an permission issue. Normaly, permission issues are also logged in ApplicationLog - so it is weird that it is not logged.
If you cannot add the user to Administrators can you try executing the service via REST API e.g. with curl with the user:
curl -X POST -H -u <USERNAME>:<PASSWORD> -H "Content-Type: application/json" -d '{"path":"/"}' http://<HOSTNAME>:<PORT>/Thingworx/Things/SystemRepository/Services/GetFileListing
You may give the user a password if he does not have one yet. This is to rule out that the issue is not with vuforia studio.
I have the same strategy. I take it one step further by then logging in as the es-public-access user to do permission checking with the user most of our customers will be using. It is the es-public-access user that is not giving me the errors I need to get this thing fixed.
Hi Ike@ACE.
At this point, the best thing to do is to open a case. I will be happy to open one on your behalf with your approval.
Regards.
--Sharon