"Is the webservice available without logging in?"

ivo
ivo New Altair Community Member
edited November 5 in Community Q&A
Hi All!

Is there a way of accessing a correctly deployed RA webservice without logging into to RA from a script?

I mean if I login to the RA and type in the URL of the webservice into the browser everything works fine and I see the desired output of the webservice. However if I log out RA and access the webservice from the browser again, I see the login page and no output. Is this a feature? Is there a way of making public webservices?

If deploying a public webservices is impossible, is there a native method of logging in that i can code into an application or script (beside try hacking around with cURL)?

Thanks for all the replies in advance!

Ivo

Answers

  • IngoRM
    IngoRM New Altair Community Member
    Hi Ivo,

    yes, making a web service publicly accessible is indeed possible. As far as I remember you will have to allow the user "Anonymous" the access. After that you can access the web service (and other resources) via the known URL but you will have to replace "resources" by "public_resources" and "processes" by "public_processes". I am not completely sure about the details but Simon is certainly able to help.

    This is fine if you can make the services publicly available. If your services have to be used under a user management, the best and simplest way is to use Single-Sign-On (SSO). However, SSO support is only part of the Enterprise Edition of RapidAnalytics.

    Hope that helps. If not, please ask again since I am not completely sure about the paths stated above and we would have to ask Simon in that case.

    Cheers,
    Ingo

  • ivo
    ivo New Altair Community Member
    Thanks for the fast reply!

    It is great to hear that the public access is possible, however I could not setup an Anonymous user role in the RA for the given process/webservice. I see two config parameters with a possible connection to the public access in the System Information > System Settings tab.
    These are:
    com.rapidanalytics.web.anonymous_resources
    com.rapidanalytics.web.anonymous_services
    Should these be altered in some way to enable public access? Furthermore if these should be modified, where could i preform the modification procedure? Is there a config file available?

    Thanks for the help!

    Ivo
  • fischer
    fischer New Altair Community Member
    Hi,,

    yes, both properties must be set to true, AND you must create an "anonymous" user (lower case).

    That should do the job. The URL context path is public_process (singular).

    Best,
    Simon
  • inzenjer_mostar
    inzenjer_mostar New Altair Community Member
    Can somebody please explain to me where and how i can change the parameters

    com.rapidanalytics.web.annonymous_resources
    com.rapidanalytics.web.annonymous_services

    Thanks
  • inzenjer_mostar
    inzenjer_mostar New Altair Community Member
    Please i need the exact procedure what i have to do to allow anonymous access to a web service. I allerady have a web service that i can acces through the browser (when i previously logged in as admin). But i want to acces the web service through a windows forms application without login. Can you please explain me the details. How to set the parameters. How to create annoymous user. What do you mean with "The URL context path is public_process (singular)."

    Thanks in advance!
  • inzenjer_mostar
    inzenjer_mostar New Altair Community Member
    I found it out by myself how to call web services without login

    First add to the Administration->System Settings two parameters both with value true:

    com.rapidanalytics.web.anonymous_resources        true
    com.rapidanalytics.web.anonymous_services            true

    and then when calling the web service in external aplication you use the same URL with a small change:
    just replace the part ".../process/..." with "../public_process/..."
  • fischer
    fischer New Altair Community Member
    Hi,

    yes, that's the right way to do it.

    Best,
    Simon
  • adaman
    adaman New Altair Community Member
    Hey,

    i did everything as it is explained above but if i trie to call the webservice from php i get the following error.
    Warning: file_get_contents(http://myIP/RA/public_process/Use_Modells_NaiveBayes?) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 403 Forbidden in /myPath/index.php on line 9
    Array ( [0] => HTTP/1.1 403 Forbidden [1] => Server: Apache-Coyote/1.1 [2] => Set-Cookie: JSESSIONID=0136055020702B60B2D87BA002376E50; Path=/RA [3] => Content-Type: text/html;charset=utf-8 [4] => Content-Length: 1124 [5] => Date: Fri, 17 Jun 2011 13:45:34 GMT [6] => Connection: close ) Ungueltiger Aufruf des Web Services.
    If i call it directly from the browser no problems the service returns an html table.

    If i call it without
    /public_process/
    i get a response 200 OK but if i trie to show the result i get the rapidanalytics screen to enter username and password. If i do so, i get an error
    Not Found The requested URL /my/path/j_security_check was not found on this server.
    _________________________
    The way i call the service from php is as follow

          $webservice =  'http://myIP/RA/public_process/Update_Modells_NaiveBayes?';

           // WebService aufrufen
           $xml = file_get_contents($webservice);

           // HTTP Status auslesen
           if(isset($http_response_header[0])) {
                   list($version,$status_code,$msg) = explode(' ',$http_response_header[0], 3);
           }

           print_r($http_response_header);

           // HTTP Status ueberpruefen
           if($status_code != 200) {
                   die('Ungueltiger Aufruf des Web Services.');
           }
    Please could someone help me :-) as i need to call the service from PHP

    Greetings
  • adaman
    adaman New Altair Community Member
    Ok my fault, after i copied the process to the folder of the anonymous user and again published the process as web service, i was able to call it through the above PHP code
  • michaelhecht
    michaelhecht New Altair Community Member
    Hmmm .. I did the same but now I get the message: "Access to my_workflow_directory not allowed for user anonymous"
    I granted permission to all repository directories for anonymous but this didn't help.
  • michaelhecht
    michaelhecht New Altair Community Member
    Finally I allowed the users to access the repository directories and now anonymous can also
    execute the workflows.
  • kuehn
    kuehn New Altair Community Member
    Hi

    it looks like, that you are writing an programm that use the webservice.

    I know you can use most of HTTPRequest classes (independent which programming-language you are use) with authorizing.

    One possibilty i hope I remeber the right things is : http://username:password@url .
    The other way is authorizing by the used class. In Windows .NET there are Credentials you have to set.
    Read the documentation for the class that you use.

    This way may faster, better and more secure ... This is depending on the security of system. It did'nt work e.g. in the Joomla CMS Authorisation.
    Uwe
  • fischer
    fischer New Altair Community Member
    Hi,

    the http://username:password@url won't help. It may be interpreted by browsers or FTP client, but it won't help you in connecting to a Web service from an application. One reason is the fact that the "username:password" does not at all tell you what the authentication mechanism is. But I can: You can simply use plain basic HTTP authentication to do it. That should be easily possible from most programming languages.

    Best,
    Simon
  • RaedMarji
    RaedMarji New Altair Community Member
    Ingo here says the simplest way to do it is to by the enterprise edition, which of course would make your life much easier, but a hack comes to mind is have a separate database contains API keys and then make it necessary to be one of the parameters to enter the api key, using a filter you can output an error output if the key wasnt stored in the table that is stored either statically in rapidminer or on a separate database :)

    [quote author=Ingo Mierswa link=topic=3095.msg12217#msg12217 date=1298113399]
    Hi Ivo,

    yes, making a web service publicly accessible is indeed possible. As far as I remember you will have to allow the user "Anonymous" the access. After that you can access the web service (and other resources) via the known URL but you will have to replace "resources" by "public_resources" and "processes" by "public_processes". I am not completely sure about the details but Simon is certainly able to help.

    This is fine if you can make the services publicly available. If your services have to be used under a user management, the best and simplest way is to use Single-Sign-On (SSO). However, SSO support is only part of the Enterprise Edition of RapidAnalytics.

    Hope that helps. If not, please ask again since I am not completely sure about the paths stated above and we would have to ask Simon in that case.

    Cheers,
    Ingo