cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Learn all about the Community Ranking System, a fun gamification element of the PTC Community. X

Display Mashups from external Browser

magrawal
1-Newbie

Display Mashups from external Browser

Hi All,

I have a use case where I have to display mashups in salesforce through iframes.
I have done this as follow:

http://myDomain/Thingworx/Mashups/MashupName? appKey=APPLICATION_KEY&x-thingworx-session=true

Earlier it was working good, and I was successfully able to view mashups in salesforce.


Recently, I got my TWX Version upgraded to 7.2.5 and after upgradation I started facing the issue of AUTHENTICATION with the above way to display mashups. It now started asking for username and password.

Please help as my complete work is getting affected by this.

Thanks,

Meenakshi


5 REPLIES 5
sharmon
12-Amethyst
(To:magrawal)

Meenakshi Agrawal​​ - Protection against Cross-Site Scripting (XSS) has been improved steadily since version 6.5. For information about how to configure XSS protection in your instance, take the following steps:

You'll find instructions on how to configure XSS protection there.

P.S. - this looks like a cross-post with this post. Would you mind combining the two posts?

sdaram
1-Newbie
(To:sharmon)

Hi

Re: Display Mashups from external Browser

Stephen HarmonCreator

I have Same requirement need to show Thingworx mashup in Iframe/Div or any other HTML control. I need to integrate thingworx mashup in Webpage. I have followed below step mentioned in Release notes.

Description

Required Steps

Remove all clickjacking protection

  1. a. Locate the following section of code in the web.xml and comment it out:
  2. b. <!-- use the SameOrigin version to allow your
  3. c. application to frame, but nobody else -->
  4. d. <filter-mapping>
  5. e.                                                                               <filter-name>ClickjackFilterSameOrigin</filter-name>
  6. f.                                                                               <url-pattern>/*</url-pattern>

                 </filter-mapping>

Currently i am using Thingworx 7.3

Still  i am unable to get my thingworx mashup in Iframe.

giving following Error in Console.

Refused to display 'http://localhost:8080/Thingworx/Runtime/index.html#mashup=test&__fromBuilder=93bdc457-ce6b-414d-bd1e-a8c7f760985b' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

http://localhost:56354/favicon.ico Failed to load resource: the server responded with a status of 404 (Not Found)

In above URL "test" is my mahsup name, What i am doing wrong here. could you please look into issue.

Thanks & Regards

Spandhana.

sdaram
1-Newbie
(To:sdaram)

Please observer changes done in web.xml

<web-app xmlns="http://java.sun.com/xml/ns/javaee"

         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"

         version="3.0">

  <display-name>ThingWorx Platform</display-name>

  <context-param>

    <param-name>globalScope</param-name>

    <param-value>default</param-value>

  </context-param>

  <context-param>

    <param-name>parentContextKey</param-name>

    <param-value>default.context</param-value>

  </context-param>

  <context-param>

    <param-name>webAppRootKey</param-name>

    <param-value>/</param-value>

  </context-param>

  <context-param>

    <param-name>log4jConfigLocation</param-name>

    <param-value>/WEB-INF/log4j.properties</param-value>

  </context-param>

  <filter>

    <description>Sets various HTTP Response Headers in order to increase security, etc.</description>

    <filter-name>HttpResponseHeadersFilter</filter-name>

    <filter-class>com.thingworx.security.filter.HttpResponseHeadersFilter</filter-class>

  </filter>

  <filter-mapping>

    <filter-name>HttpResponseHeadersFilter</filter-name>

    <url-pattern>/*</url-pattern>

  </filter-mapping>

  <filter>

    <description>Prohibits Requests from being processed by a Platform instance that is not the current HA "Leader".</description>

    <filter-name>ProhibitIfNotLeaderFilter</filter-name>

    <filter-class>com.thingworx.security.filter.ProhibitIfNotLeaderFilter</filter-class>

    <init-param>

      <description><![CDATA[URLs matching this pattern will always be allowed on the current Platform instance, regardless of whether or not that instance is the current HA "Leader". This parameter is useful to identify, for example, URLs related to Platform Administration Services, etc. which should be executable on all Platform instances, not just the current HA "Leader". Please note that this parameter does not yet currently support the full <url-pattern> syntax (as specified by the Servlet Specification). That is, it currently must start with "/" and must end with "/*" (e.g. "/foo/*"), otherwise an exception will be thrown.]]></description>

      <param-name>url-pattern-allowed-if-not-leader</param-name>

      <param-value>/Admin/HA/*</param-value>

    </init-param>

  </filter>

  <filter-mapping>

    <filter-name>ProhibitIfNotLeaderFilter</filter-name>

    <url-pattern>/*</url-pattern>

  </filter-mapping>

  <filter>

   <filter-name>HAAuthenticationFilter</filter-name>

   <filter-class>com.thingworx.security.authentication.HAAuthenticationFilter</filter-class>

  </filter>

  <filter>

   <filter-name>AuthenticationFilter</filter-name>

   <filter-class>com.thingworx.security.authentication.AuthenticationFilter</filter-class>

   <init-param>

      <param-name>defaultSessionTimeout</param-name>

      <param-value>30</param-value>

   </init-param>

  </filter>

  <filter>

   <filter-name>ValidationFilter</filter-name>

   <filter-class>com.thingworx.security.filter.ValidationFilter</filter-class>

  </filter>

  <filter>

    <filter-name>ClickjackFilterDeny</filter-name>

    <filter-class>com.thingworx.security.filter.ClickjackFilter</filter-class>

    <init-param>

      <param-name>mode</param-name>

      <param-value>DENY</param-value>

    </init-param>

  </filter>

  <filter>

  <filter-name>ClickjackFilterSameOrigin</filter-name>

  <filter-class>com.thingworx.security.filter.ClickjackFilter</filter-class>

  <init-param>

   <param-name>mode</param-name>

   <param-value>SAMEORIGIN</param-value>

  </init-param>

  </filter>

 

  <filter>

    <filter-name>ClickjackFilterWhiteList</filter-name>

    <filter-class>com.thingworx.security.filter.ClickjackFilter</filter-class>

    <init-param>

      <param-name>mode</param-name>

      <param-value>WHITELIST</param-value>

    </init-param>  

    <init-param>

      <param-name>domains</param-name>

      <param-value>http://example.com</param-value>

    </init-param>

  </filter>

      

  <!-- use the Deny version to exclude all framing -->   

  <!--

  <filter-mapping>

    <filter-name>ClickjackFilterDeny</filter-name>

    <url-pattern>/*</url-pattern>

  </filter-mapping>

  -->

 

  <!-- use the SameOrigin version to allow your application to frame, but nobody else -->  

  <!-- spandana

  <filter-mapping>

    <filter-name>ClickjackFilterSameOrigin</filter-name>

    <url-pattern>/*</url-pattern>

  </filter-mapping>

   spandana -->

  <!-- use the WhiteList version to allow framing from specified domains -->

  <!-- 

  <filter-mapping>

    <filter-name>ClickjackFilterWhiteList</filter-name>

    <url-pattern>/*</url-pattern>

  </filter-mapping>

  -->

 

  <filter-mapping>

  <filter-name>AuthenticationFilter</filter-name>

  <url-pattern>/extensions/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/action-authenticate/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/action-login/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/action-confirm-creds/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/action-change-password/*</url-pattern>

  </filter-mapping> 

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ThingworxMain.html</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ThingworxMain.html/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Server/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ApplicationKeys/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Networks/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Dashboards/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/DirectoryServices/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Authenticators/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/PersistenceProviderPackages/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/tunnel/wsadapter.jsp</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/tunnel/adapter.jsp</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Logs/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Resources/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Subsystems/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Users/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Home/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/StateDefinitions/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/StyleDefinitions/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ScriptFunctionLibraries/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/AtomFeedService/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/DataShapes/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Importer/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ImageEncoder/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Exporter/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ExportDatabase/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ExportTheme/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ExportDefaultEntities/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ImportDatabase/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/DataExporter/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/DataImporter/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Widgets/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Groups/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ThingPackages/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Things/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ThingTemplates/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/DataAnalysisDefinitions/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ThingShapes/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/DataTags/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ModelTags/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Composer/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Squeal/index.html</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Runtime/index.html</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Mashups/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Menus/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/MediaEntities/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/loaders/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/demos/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/API/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ExtensionPackageUploader/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/ExtensionPackages/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/FileRepositoryUploader/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/FileRepositoryDownloader/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/FileRepositories/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/xmpp/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/LocalizationTables/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Organizations/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/RemoteTunnel/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/WSTunnelClient/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/WSTunnelServer/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/PersistenceProviders/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>AuthenticationFilter</filter-name>

    <url-pattern>/Projects/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

    <filter-name>ValidationFilter</filter-name>

    <url-pattern>/*</url-pattern>

  </filter-mapping>

  <filter>

     <filter-name>ContentTypeFilter</filter-name>

     <filter-class>com.thingworx.security.contenttype.ContentTypeFilter</filter-class>

  </filter>

  <filter-mapping>

      <filter-name>ContentTypeFilter</filter-name>

      <url-pattern>/*</url-pattern>

  </filter-mapping>

  <filter-mapping>

      <filter-name>HAAuthenticationFilter</filter-name>

      <url-pattern>/Admin/HA/*</url-pattern>

  </filter-mapping>

  <listener>

    <listener-class>com.thingworx.system.ThingWorxBootstrapper</listener-class>

<!--  To be enabled if you wish to use JMX to monitor ThingWorx

    <listener-class>com.thingworx.instrumentation.ThingWorxServerMBeanContextListener</listener-class>

-->

  </listener>

  <servlet>

    <servlet-name>ClusteringStatus</servlet-name>

    <servlet-class>com.thingworx.webservices.ClusteringStatus</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>LeaderCheck</servlet-name>

    <servlet-class>com.thingworx.webservices.LeaderStatus</servlet-class>

  </servlet>

 

 

  <servlet-mapping>

    <servlet-name>LeaderCheck</servlet-name>

    <url-pattern>/Admin/HA/LeaderCheck/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ClusteringStatus</servlet-name>

    <url-pattern>/Admin/HA/ClusteringStatus/*</url-pattern>

  </servlet-mapping>

 

  <servlet>

    <servlet-name>Things</servlet-name>

    <servlet-class>com.thingworx.webservices.Things</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ThingTemplates</servlet-name>

    <servlet-class>com.thingworx.webservices.ThingTemplates</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>DataAnalysisDefinitions</servlet-name>

    <servlet-class>com.thingworx.webservices.DataAnalysisDefinitions</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ApplicationKeys</servlet-name>

    <servlet-class>com.thingworx.webservices.ApplicationKeys</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Networks</servlet-name>

    <servlet-class>com.thingworx.webservices.Networks</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>DirectoryServices</servlet-name>

    <servlet-class>com.thingworx.webservices.DirectoryServices</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Authenticators</servlet-name>

    <servlet-class>com.thingworx.webservices.Authenticators</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Logs</servlet-name>

    <servlet-class>com.thingworx.webservices.Logs</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Resources</servlet-name>

    <servlet-class>com.thingworx.webservices.Resources</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Subsystems</servlet-name>

    <servlet-class>com.thingworx.webservices.Subsystems</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Dashboards</servlet-name>

    <servlet-class>com.thingworx.webservices.Dashboards</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>LocalizationTables</servlet-name>

    <servlet-class>com.thingworx.webservices.LocalizationTables</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Organizations</servlet-name>

    <servlet-class>com.thingworx.webservices.Organizations</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Users</servlet-name>

    <servlet-class>com.thingworx.webservices.Users</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Home</servlet-name>

    <servlet-class>com.thingworx.webservices.Home</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Mashups</servlet-name>

    <servlet-class>com.thingworx.webservices.Mashups</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Menus</servlet-name>

    <servlet-class>com.thingworx.webservices.Menus</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>MediaEntities</servlet-name>

    <servlet-class>com.thingworx.webservices.MediaEntities</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Widgets</servlet-name>

    <servlet-class>com.thingworx.webservices.Widgets</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ScriptFunctionLibraries</servlet-name>

    <servlet-class>com.thingworx.webservices.ScriptFunctionLibraries</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>StyleDefinitions</servlet-name>

    <servlet-class>com.thingworx.webservices.StyleDefinitions</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>StateDefinitions</servlet-name>

    <servlet-class>com.thingworx.webservices.StateDefinitions</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ThingPackages</servlet-name>

    <servlet-class>com.thingworx.webservices.ThingPackages</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>PersistenceProviderPackages</servlet-name>

    <servlet-class>com.thingworx.webservices.PersistenceProviderPackages</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Server</servlet-name>

    <servlet-class>com.thingworx.webservices.Server</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>DataShapes</servlet-name>

    <servlet-class>com.thingworx.webservices.DataShapes</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ThingShapes</servlet-name>

    <servlet-class>com.thingworx.webservices.ThingShapes</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Groups</servlet-name>

    <servlet-class>com.thingworx.webservices.Groups</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>DataTags</servlet-name>

    <servlet-class>com.thingworx.webservices.DataTags</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ModelTags</servlet-name>

    <servlet-class>com.thingworx.webservices.ModelTags</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Importer</servlet-name>

    <servlet-class>com.thingworx.webservices.Importer</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Exporter</servlet-name>

    <servlet-class>com.thingworx.webservices.Exporter</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ExportDatabase</servlet-name>

    <servlet-class>com.thingworx.webservices.ExportDatabase</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ExportTheme</servlet-name>

    <servlet-class>com.thingworx.webservices.ExportTheme</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ExportDefaultEntities</servlet-name>

    <servlet-class>com.thingworx.webservices.ExportDefaultEntities</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ImportDatabase</servlet-name>

    <servlet-class>com.thingworx.webservices.ImportDatabase</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>DataImporter</servlet-name>

    <servlet-class>com.thingworx.webservices.DataImporter</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>DataExporter</servlet-name>

    <servlet-class>com.thingworx.webservices.DataExporter</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ImageEncoder</servlet-name>

    <servlet-class>com.thingworx.webservices.ImageEncoder</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>AtomFeedService</servlet-name>

    <servlet-class>com.thingworx.webservices.AtomFeedService</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ExtensionPackageUploader</servlet-name>

    <servlet-class>com.thingworx.webservices.ExtensionPackageUploader</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>ExtensionPackages</servlet-name>

    <servlet-class>com.thingworx.webservices.ExtensionPackages</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>FileRepositoryUploader</servlet-name>

    <servlet-class>com.thingworx.webservices.FileRepositoryUploader</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>FileRepositoryDownloader</servlet-name>

    <servlet-class>com.thingworx.webservices.FileRepositoryDownloader</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>FileRepositories</servlet-name>

    <servlet-class>com.thingworx.webservices.FileRepositories</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>AvatarViewer</servlet-name>

    <servlet-class>com.thingworx.webservices.AvatarViewer</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>OrganizationLogoViewer</servlet-name>

    <servlet-class>com.thingworx.webservices.OrganizationLogoViewer</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>FormLogin</servlet-name>

    <jsp-file>/login/FormLogin.jsp</jsp-file>

  </servlet>

  <servlet>

    <servlet-name>ResetPassword</servlet-name>

    <jsp-file>/login/ResetPassword.jsp</jsp-file>

  </servlet>

  <servlet>

    <servlet-name>ConfirmCredentials</servlet-name>

    <jsp-file>/login/ConfirmCredentials.jsp</jsp-file>

  </servlet>

  <servlet>

    <servlet-name>PersistenceProviders</servlet-name>

    <servlet-class>com.thingworx.webservices.PersistenceProviders</servlet-class>

  </servlet>

  <servlet>

    <servlet-name>Projects</servlet-name>

    <servlet-class>com.thingworx.webservices.Projects</servlet-class>

  </servlet>

  <servlet-mapping>

    <servlet-name>ExtensionPackageUploader</servlet-name>

    <url-pattern>/ExtensionPackageUploader/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ExtensionPackages</servlet-name>

    <url-pattern>/ExtensionPackages/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Server</servlet-name>

    <url-pattern>/Server/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Mashups</servlet-name>

    <url-pattern>/Mashups/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Dashboards</servlet-name>

    <url-pattern>/Dashboards/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Menus</servlet-name>

    <url-pattern>/Menus/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>MediaEntities</servlet-name>

    <url-pattern>/MediaEntities/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Widgets</servlet-name>

    <url-pattern>/Widgets/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>StateDefinitions</servlet-name>

    <url-pattern>/StateDefinitions/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>StyleDefinitions</servlet-name>

    <url-pattern>/StyleDefinitions/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ScriptFunctionLibraries</servlet-name>

    <url-pattern>/ScriptFunctionLibraries/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ApplicationKeys</servlet-name>

    <url-pattern>/ApplicationKeys/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Networks</servlet-name>

    <url-pattern>/Networks/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>DirectoryServices</servlet-name>

    <url-pattern>/DirectoryServices/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Authenticators</servlet-name>

    <url-pattern>/Authenticators/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Logs</servlet-name>

    <url-pattern>/Logs/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Resources</servlet-name>

    <url-pattern>/Resources/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Subsystems</servlet-name>

    <url-pattern>/Subsystems/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Users</servlet-name>

    <url-pattern>/Users/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Home</servlet-name>

    <url-pattern>/Home/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>LocalizationTables</servlet-name>

    <url-pattern>/LocalizationTables/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Organizations</servlet-name>

    <url-pattern>/Organizations/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Things</servlet-name>

    <url-pattern>/Things/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ThingTemplates</servlet-name>

    <url-pattern>/ThingTemplates/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>DataAnalysisDefinitions</servlet-name>

    <url-pattern>/DataAnalysisDefinitions/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ThingPackages</servlet-name>

    <url-pattern>/ThingPackages/*</url-pattern>

  </servlet-mapping>

    <servlet-mapping>

    <servlet-name>PersistenceProviderPackages</servlet-name>

    <url-pattern>/PersistenceProviderPackages/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>DataShapes</servlet-name>

    <url-pattern>/DataShapes/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ThingShapes</servlet-name>

    <url-pattern>/ThingShapes/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Groups</servlet-name>

    <url-pattern>/Groups/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>DataTags</servlet-name>

    <url-pattern>/DataTags/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ModelTags</servlet-name>

    <url-pattern>/ModelTags/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>AtomFeedService</servlet-name>

    <url-pattern>/AtomFeedService/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Importer</servlet-name>

    <url-pattern>/Importer</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Exporter</servlet-name>

    <url-pattern>/Exporter/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ExportDatabase</servlet-name>

    <url-pattern>/ExportDatabase/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ExportTheme</servlet-name>

    <url-pattern>/ExportTheme/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ExportDefaultEntities</servlet-name>

    <url-pattern>/ExportDefaultEntities/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ImportDatabase</servlet-name>

    <url-pattern>/ImportDatabase/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>DataImporter</servlet-name>

    <url-pattern>/DataImporter</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>DataExporter</servlet-name>

    <url-pattern>/DataExporter/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ImageEncoder</servlet-name>

    <url-pattern>/ImageEncoder</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>FileRepositoryUploader</servlet-name>

    <url-pattern>/FileRepositoryUploader/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>FileRepositoryDownloader</servlet-name>

    <url-pattern>/FileRepositoryDownloader/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>FileRepositories</servlet-name>

    <url-pattern>/FileRepositories/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>AvatarViewer</servlet-name>

    <url-pattern>/AvatarViewer/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>OrganizationLogoViewer</servlet-name>

    <url-pattern>/OrganizationLogoViewer/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>FormLogin</servlet-name>

    <url-pattern>/FormLogin/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ResetPassword</servlet-name>

    <url-pattern>/FormLogin/reset/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>ConfirmCredentials</servlet-name>

    <url-pattern>/FormLogin/confirm/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>PersistenceProviders</servlet-name>

    <url-pattern>/PersistenceProviders/*</url-pattern>

  </servlet-mapping>

  <servlet-mapping>

    <servlet-name>Projects</servlet-name>

    <url-pattern>/Projects/*</url-pattern>

  </servlet-mapping>

  <welcome-file-list>

    <welcome-file>index.htm</welcome-file>

    <welcome-file>index.html</welcome-file>

  </welcome-file-list>

  <security-constraint>

    <web-resource-collection>

      <web-resource-name>Forbidden</web-resource-name>

      <url-pattern>/WEB-INF/*</url-pattern>

    </web-resource-collection>

    <auth-constraint/>

  </security-constraint>

  <security-constraint>

    <web-resource-collection>

      <web-resource-name>Forbidden</web-resource-name>

      <url-pattern>/persistence/*</url-pattern>

    </web-resource-collection>

    <auth-constraint/>

  </security-constraint>

  <security-constraint>

    <web-resource-collection>

      <web-resource-name>Forbidden</web-resource-name>

      <url-pattern>/streams/*</url-pattern>

    </web-resource-collection>

    <auth-constraint/>

  </security-constraint>

</web-app>

My Issue Got Resolved. I am able to Display Thingworx Mashup in Iframe Control of my Webpage.

Steps I have done

1) I have followed below step mentioned in Release notes.

Description

Required Steps

Remove all clickjacking protection

  1. a. Locate the following section of code in the web.xml and comment it out:
  2. b. <!-- use the SameOrigin version to allow your
  3. c. application to frame, but nobody else -->
  4. d. <filter-mapping>
  5. e.                                                                               <filter-name>ClickjackFilterSameOrigin</filter-name>
  6. f.                                                                               <url-pattern>/*</url-pattern>

                 </filter-mapping>

Currently i am using Thingworx 7.3

2)

<iframe id="if1" width="500" height="390" style="visibility:visible" src="http://localhost:8080/Thingworx/Mashups/PGCGraph? appKey=0f4b4662-7d09-46c3-a766-bbbcfa73ad99&x-thingworx-session=true">

</iframe>

Mashup URL I am giving like this

http://localhost:8080/Thingworx/Mashups/PGCGraph? appKey=0f4b4662-7d09-46c3-a766-bbbcfa73ad99&x-thingworx-session=true

here PGCGraph is Mashup Name.

I have Created User (Example:User123) and I Have created Appkey( 0f4b4662-7d09-46c3-a766-bbbcfa73ad99) and assigned created user (User123 to appkey.)

3)For Mashup i have assigned user in Design Time and Run time Permission.

With above steps i am able to get my mashup in iframe.

Thanks

Spandhana Daram

ankigupta
5-Regular Member
(To:sdaram)

Meenakshi Agrawal​, Could you please check spandana reply if it helps in your query too. If yes, mark it helpful or correct to let other members know this Thread has a Solution.

Top Tags