Community Tip - Did you know you can set a signature that will be added to all your posts? Set it here! X
Hey guys,
I was wondering when you connect to ThingWorx via this link : server/ThingWorx
It asks you for your credentials.
I would like that previous link to be redirected to server/Thingworx/FormLogin/Everyone. How can I do that ?
With that, I can use a home mashup with the Everyone organization.
Then, whenever the session timeouts, I would like it to be redirected to the same URL (server/Thingworx/FormLogin/Everyone) How can I do that ?
I'm using PostgreSQL 9.4.15 & TOMCAT 8.5 and ThingWorx 8.0.5
Solved! Go to Solution.
I found the following two threads:
Is there any way to set several redirect URLs after timeout?
You may try this for the first part of your question:
Configuring URL redirection for ThingWorx
For the timeout redirect, not sure it is possible currently.
Thank you for the quick reply.
I was able to do the redirection.
So now, whenever they type the server, it redirects to ThingWorx.
Maybe it's unclear for the second part.
instead of having this Authentication prompt message(img1), I would like to get to the FormLogin (img2) without having to type /FormLogin/Everyone
I would like to redirect to this :
I understand the requirement, however, I do not think it's currently possible with the form login. There should be an article on this, I'll look tomorrow during North America business hours and post a link here. You may try going the custom authenticator route although it would be a lot more involved.
Okay, thank you.
I know it is possible as my customer, who is using ThingWorx 6.5 is doing it.
I would want to do the same for an internal server..
I wanted to find out how to do it, instead of asking them.
If you do find how to do it, it would be nice to let me know.
Otherwise, I will ask my customer.
I found the following two threads:
Is there any way to set several redirect URLs after timeout?
Good Thank you ! The second link has worked for me !
Glad it worked! Thank you for your time and patience.
Can you please help with my case which is similar to the above solution:
Please help me with this.
Here is the code of the Authenticator.
Basically, whenever you are pressing the Login button in the browser, It will execute the Method Authenticate.
In there, you basically implement your logic to authenticate. In this code, if either the user or the password is empty, it throws an error. In the Catch block, it's setting redirect to true and setRequiresChallenge to true (which will execute the method IssueAuthenticationChallenge). In that method, if redirect is true, then it redirects the user to formLogin....
If the user is good then continue to the home mashup set in the organization.
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.thingworx.common.SharedConstants;
import com.thingworx.security.authentication.AuthenticationUtilities;
import com.thingworx.security.authentication.AuthenticatorException;
import com.thingworx.security.authentication.CustomAuthenticator;
import ch.qos.logback.classic.Logger;
public class LoginAuthenticator extends CustomAuthenticator {
private String user;
private String requestUrl;
private String password;
private boolean isFormLogin;
private boolean isRedirect;
public LoginAuthenticator() {
user = null;
requestUrl = null;
password = null;
isFormLogin = true;
isRedirect = false;
}
@Override
public boolean matchesAuthRequest(HttpServletRequest httpRequest)
throws AuthenticatorException
{
requestUrl = httpRequest.getRequestURL().toString();
if((!requestUrl.contains("action-login")) & (!requestUrl.contains("FormLogin")))
{
isFormLogin = false;
isRedirect = true;
setRequiresChallenge(true);
} else
if(requestUrl.contains("action-login"))
{
user = httpRequest.getParameter("thingworx-form-userid");
password = httpRequest.getParameter("thingworx-form-password");
}
return true;
}
@Override
public void authenticate(HttpServletRequest httpRequest, HttpServletResponse httpResponse)
throws AuthenticatorException
{
try {
if(user.isEmpty() || password.isEmpty()){
getApplicationLogger().error("The username or password is empty");
throw(new AuthenticatorException("The username or password is empty"));
}
AuthenticationUtilities.validateCredentials(user, password);
setCredentials(user, password);
AuthenticationUtilities.getSecurityMonitorThing().fireSuccessfulLoginEvent("<a valid account with rights to the Mashup>", SharedConstants.EMPTY_STRING);
} catch (Exception e) {
// TODO Auto-generated catch block
isRedirect = true;
super.setRequiresChallenge(true);
e.printStackTrace();
}
}
@Override
public void issueAuthenticationChallenge(HttpServletRequest httpRequest, HttpServletResponse httpResponse)
throws AuthenticatorException
{
if(isRedirect)
{
String urlString = "/Thingworx/FormLogin/Everyone";//replace with your own organization
try
{
httpResponse.sendRedirect(urlString);
}
catch(IOException e)
{
e.printStackTrace();
}
}
}
}