Altair RISE

A program to recognize and reward our most engaged community members

Nominate Yourself Now!

Web Service with authentification

Hi RapidMiners!,

sorry for possibly repeating a topic, but I am trying to find documentation on how to do web services with authentification, but I haven't found anything on the forum or docs.

I already know how to make anonymous web services, what I want to do is have a web service accesible by username and password/token. Normally this goes in the header or the parameters of the GET request.

How do we do it in RapidMiner Server?

Thanks in advance!

Sebastian

Find more posts tagged with

AI Studio

Server

Accepted answers

All comments

BalazsBaranyRM

Hi Sebastian,

non-anonymous web services use standard HTTP/HTTPS authentication.

With curl, you just give the data in the URL: https://username:password@rmserver/service

Regards,

Balázs

sgenzer

so I think @SGolbert you're asking how to HOST a webservice on Server with authentication, correct? So out of the box I don't think Server does this. It's not that hard to build, however - just add parameters to the query that require username/pwd and check them against some internal ExampleSets. It's a hack but I've done it before.

I will say that an automated, true backend implementation of OAuth2 would be nice...I'd also just be happy with the Web Mining extension just handling OAuth2 from the user side.

Scott

Telcontar120

I think I am confused by this thread now. By default, exposing a web service from RapidMiner Server requires authentication by a registered Server user---you actually have to go through extra steps to allow the service to be accessed anonymously (which @SGolbert already knows). But if you simply expose the service without the anonymous user settings, then it will require you to log in with a registered RapidMiner Server user in order to access the service. In the browser that is done via a pop-up, but it sounds like you can force that to occur in the background via URL parameters that @BalazsBarany provided (although I have never actually done that myself).

I do agree with @sgenzer that OAuth capabilities for the Web Mining package and for RapidMiner Server would be very nice! But I don't think they are needed simply to require authentication for existing RapidMiner Server web services.

SGolbert

Hi everyone,

I was actually looking for what Balazs said, thank you! However I have now a bit of a headache for setting the permissions right. I want to share my service with another user but it looks as I have to give read or execute access rights to my whole directory tree!!

Do you know if execute access rights are enough or read is also needed?

Thanks!

Sebastian

Telcontar120

Yes, you do need to give that user "Read" access to the entire path to the directory in which the process sits; they also need "Execute" rights to any process that you want them to run. They shouldn't need "edit" access at all.

Telcontar120

Also, you should not need to give them "Execute" rights to any other directories (incl parent directories) or any other independent processes. Just execute rights for the one in question.