cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Have a PTC product question you need answered fast? Chances are someone has asked it before. Learn about the community search. X

Permissions for Repositories Missing

Ike@ACE
13-Aquamarine
13-Aquamarine
‎Jul 15, 2023 02:07 PM
‎Jul 15, 2023 02:07 PM

Permissions for Repositories Missing

I'm trying to allow access to a File Repository for a specific user. I already visibility for the repository and persistance provider. I also added run-time permission of GetFileListing. I haven't been able to figure what other permission(s) I may need to include to get Things (technical term) to work as intended. I've tried the adding the user to "All" run-time permissions, but that didn't work. Does anybody know what I need?

Labels:
0 Kudos
Notify Moderator
11 REPLIES 11
Velkumar
18-Opal
18-Opal
(To:Ike@ACE)
‎Jul 17, 2023 12:41 AM
‎Jul 17, 2023 12:41 AM

Hi Ike@ACE 

 

Do you see any errors while executing the service? 

 

Also, include the application log so we can look into it 

 

/VR

0 Kudos
Notify Moderator
Ike@ACE
13-Aquamarine
13-Aquamarine
(To:Velkumar)
‎Jul 17, 2023 09:56 AM
‎Jul 17, 2023 09:56 AM

No errors have appeared since I added the permission that I mentioned. The only thing that has been appearing has been a SECURITY FAILURE thing. I am unable to provide logs as the servers are hosted by PTC.

0 Kudos
Notify Moderator
Velkumar
18-Opal
18-Opal
(To:Ike@ACE)
‎Jul 18, 2023 02:05 AM
‎Jul 18, 2023 02:05 AM

Hi Ike@ACE 

 

A screenshot of the Application Log and Script Log from the composer will help.

 

/VR

0 Kudos
Notify Moderator
Ike@ACE
13-Aquamarine
13-Aquamarine
(To:Velkumar)
‎Jul 18, 2023 01:48 PM
‎Jul 18, 2023 01:48 PM

 
Preview file
151 KB
0 Kudos
Notify Moderator
Constantine
16-Pearl
16-Pearl
(To:Ike@ACE)
‎Jul 20, 2023 10:17 AM
‎Jul 20, 2023 10:17 AM

This error literally says that the value of the "x-arr-ssl" and "forwarded" HTTP request headers doesn't match the security regex. It has little to do with ThingWorx permissions configuration. First, make sure those errors correlate with your GetFileListing invocations (check the timing). If they do -- see why those headers get appended to the request, if they don't -- see where they come from in the first place. Also, AFAIK those regex are configurable, but you'd need to have direct access to Tomcat to do it.

 

/ Constantine

0 Kudos
Notify Moderator
Ike@ACE
13-Aquamarine
13-Aquamarine
(To:Ike@ACE)
‎Jul 21, 2023 11:21 AM
‎Jul 21, 2023 11:21 AM

I did a little more research into the errors that I shared and I came up with an article that points to them being harmless but annoying because they make your logs longer than they need to be without adding anything helpful. Hooray. We're back to square one. Thanks for the attempt, though.

0 Kudos
Notify Moderator
TravisPickett
11-Garnet
11-Garnet
(To:Ike@ACE)
‎Jul 18, 2023 02:27 PM
‎Jul 18, 2023 02:27 PM

How is your user trying to invoke the GetFileListing service?  Is this from a mashup?  Is the user directly calling the service or calling via a helper thing?  If calling via a helper thing make sure you allowed the system user the ability to call the repository services.

 

Thanks,

 

Travis

0 Kudos
Notify Moderator
Ike@ACE
13-Aquamarine
13-Aquamarine
(To:TravisPickett)
‎Jul 18, 2023 02:56 PM
‎Jul 18, 2023 02:56 PM

The GetFileListing service is being called by the user of a Vuforia experience. The "es-public-user" in the log is specific to Vuforia Experience Services. I'm storing some things that are being used by the experience in repositories.

0 Kudos
Notify Moderator
nmutter
14-Alexandrite
14-Alexandrite
(To:Ike@ACE)
‎Jul 31, 2023 05:09 PM
‎Jul 31, 2023 05:09 PM

What error do you get in Vuforia Studio? Are you sure that the service is triggered to be called?

 

To rule out permission issues my strategy is to add the user to the "Administrators" group temporarily and see if it works. If it does -> must be an permission issue. Normaly, permission issues are also logged in ApplicationLog - so it is weird that it is not logged.

 

If you cannot add the user to Administrators can you try executing the service via REST API e.g. with curl with the user:

curl -X POST -H -u <USERNAME>:<PASSWORD> -H "Content-Type: application/json" -d '{"path":"/"}' http://<HOSTNAME>:<PORT>/Thingworx/Things/SystemRepository/Services/GetFileListing

You may give the user a password if he does not have one yet. This is to rule out that the issue is not with vuforia studio.

 

0 Kudos
Notify Moderator
Ike@ACE
13-Aquamarine
13-Aquamarine
(To:nmutter)
‎Aug 07, 2023 03:12 PM
‎Aug 07, 2023 03:12 PM

I have the same strategy. I take it one step further by then logging in as the es-public-access user to do permission checking with the user most of our customers will be using. It is the es-public-access user that is not giving me the errors I need to get this thing fixed.

0 Kudos
Notify Moderator
slangley
23-Emerald II
23-Emerald II
(To:Ike@ACE)
‎Sep 12, 2023 02:55 PM
‎Sep 12, 2023 02:55 PM

Hi Ike@ACE.

 

At this point, the best thing to do is to open a case.  I will be happy to open one on your behalf with your approval.

 

Regards.

 

--Sharon

0 Kudos
Notify Moderator
Top Tags