cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Your Friends List is a way to easily have access to the community members that you interact with the most! X

Post sessions from field devices remain active

orhand
2-Explorer

Post sessions from field devices remain active

We have devices posting data to TW server via HTTP post requests. I want the sessions related to these device posts to end immediately because it ends up having thousands of active sessions at any given time. P.S. we have the "connection : close " line in the post request.


Any help will be appreciated.



12 REPLIES 12
paic
12-Amethyst
(To:orhand)

Are you using an application key for authentication? When using an application key, no session should be established,unless specifically specified.

orhand
2-Explorer
(To:paic)

OK. will try that. Thank you.

orhand
2-Explorer
(To:orhand)

So I tried to use the REST API with an app key. I got a strange behavior just like as described in this post:

https://twc.thingworx.com/Thingworx/Runtime/index.html#master=ThingWorxCommunity&mashup=TWCBlogSearchResult&blog=GeneralCommForum&entryID=34972


"

E.g. open a Chrome incognito window. Paste in a URL with an appKey

http://www.server.com:8080/Thingworx/Things/Thing/Properties?appKey=9eb5f9d7-fb84-4026-a85a-98abc11dcea9&Accept=application/JSON


The first time this call returns the desired result.

The second time (hit Ctrl-R or refresh), I get an error page:

"HTTP Status 401 - No authType or appKey parameter has been specified for Authentication Scheme: AUTH_THINGWORX_APPKEY"

Another Ctrl-R refresh brings back the normal call result and the next one again the error. It alternates."


Haven't tried on the devices yet, but I presume the behavior when trying to update data from the devices will be similar. Any idea what causes this ?


Orhan



VladimirRosu
19-Tanzanite
(To:orhand)

Hi Orhan,

Did you also try with the parameter x-thingworx-session=true added to the http request?Happens to me all the time if I don't set this parameter to true.Good luck!Vladimir



x-thingworx-session=true ?



Hi Orhan,

Please check my answer to the post you mention (copy and paste the link in a browser).
I'm having some trouble answering directly here in the forum, as the most important part is missing from my reply (I reported the bug).
It involves setting a parameter to true in the HTTP call.

BR,
Vladi



<pre>x-thingworx-session=true</pre>

orhand
2-Explorer
(To:orhand)

Hi Vladimir,

The thing is, I am trying to eliminate active sessions from the devices so turning the session to true is not what I want.


Nevertheless, I tested the appKey with a php content retriever and it does the trick. It can be called repeatedly with no problems. I think the issue is only when using a browser. I will check with the device firmware to see if there are any problems.


Thanks for all the input.


Regards,

Orhan



orhand
2-Explorer
(To:orhand)

Hi Vladimir,

The thing is, I am trying to eliminate active sessions from the devices so turning the session to true is not what I want.


Nevertheless, I tested the appKey with a php content retriever and it does the trick. It can be called repeatedly with no problems. I think the issue is only when using a browser. I will check with the device firmware to see if there are any problems.


Thanks for all the input.


Regards,

Orhan



paic
12-Amethyst
(To:orhand)

Glad the appKey works. That is exactly what its use case is. Also these calls are not meant to be in browser.

mattw1
1-Visitor
(To:orhand)

We are making an HTML/Javascript SPA website that needs to access ThingWorx services via the REST API calls. This is a very simple website that we hope requires no server-side (PHP) code. 


I am testing the API calls in PostMan (Browser-based) and the only way I am able to successfully make a call is if I create a session. Is there no way to make a Javascript/Browser-based API call to a ThingWorx platform server without creating a session??


-Matt



paic
12-Amethyst
(To:mattw1)

Are you using an appKey?

What we've noticed is that when using a REST API tool that does browser based type calls, you will fail auth every other call even when using the appKey.

This doesn't apply when you are using a 'true' rest call.


This is something on the bug list to be fixed.



Announcements


Top Tags