Hello,
I need help configuring the httpServer() function to receive requests with Basic authentication.
Example:
int iResult = httpServer("Basic", 0, 55443);
httpConnect("cbInfo", "/api/v1/info", "application/json");
Browser:
https://localhost:55443/api/v1/info
How can I configure OA to receive requests with basic authentication ?
Best regards,
Luis Miguel BP.
HTTP Server CTRL functions - httpServer
- luis.bustamante
- Posts:30
- Joined: Thu Jan 24, 2019 8:11 am
HTTP Server CTRL functions - httpServer
- kilianvp
- Posts:443
- Joined: Fri Jan 16, 2015 10:29 am
Re: HTTP Server CTRL functions - httpServer
You need to set the permission with httpSetPermission
here a working example (root user isn't allowed)
here a working example (root user isn't allowed)
Code: Select all
#uses "CtrlHTTP"
main()
{
int iResult = httpServer("Basic", 0, 55443);
if (iResult == 0)
{
httpSetPermission("/api/v1/info", makeMapping("allowUsers", "*",
"allowUnknownUsers", false,
"checkPassword", true,
"allowDisabledUsers", false));
httpConnect("cbInfo", "/api/v1/info", "application/json");
}
}
anytype cbInfo(dyn_string names, dyn_string values, string user, string ip,
dyn_string headerNames, dyn_string headerValues, int connIdx)
{
mapping v;
v["version"] = 1;
return jsonEncode(v);
}- gschijndel
- Posts:376
- Joined: Tue Jan 15, 2019 3:12 pm
Re: HTTP Server CTRL functions - httpServer
By default all urls of the http server require authentication as specified at the 'httpServer' function call. The 'httpSetPermission' is only needed to set a different permission for a specific url (like a login url for example).
So basically your are already setup correctly to receive requests with basic authentication. Any WinCC OA user can use the webserver after authentication. The basic authentication (base 64 encoded) data is passed with each request in the http header authorization. The function 'OaAuthServerside::workInfoSessionToken' uses this data to do the server side authentication.
So basically your are already setup correctly to receive requests with basic authentication. Any WinCC OA user can use the webserver after authentication. The basic authentication (base 64 encoded) data is passed with each request in the http header authorization. The function 'OaAuthServerside::workInfoSessionToken' uses this data to do the server side authentication.
- luis.bustamante
- Posts:30
- Joined: Thu Jan 24, 2019 8:11 am
Re: HTTP Server CTRL functions - httpServer
Hello,
Thank you very much for your answers.
I have tried kilianvp's example and it worked fine.
I tried gschijndel's comment and it also worked fine.
Example
Both options are very interesting to use in our projects, thank you very much again.
Best regards,
Luis Miguel BP.
Thank you very much for your answers.
I have tried kilianvp's example and it worked fine.
I tried gschijndel's comment and it also worked fine.
By default all urls of the http server require authentication as specified at the 'httpServer' function call. The 'httpSetPermission' is only needed to set a different permission for a specific url (like a login url for example).
Example
Code: Select all
// By default all urls of the http server require authentication as specified at the httpServer() function call.
// The httpSetPermission() is only needed to set a different permission for a specific url (like a login url for example).
// Allows to define more fine grained user permissions for a specific URL used with the HTTP Server.
// When we use this call to the function httpServer("Basic", 0, 55443);
// We need to create the user demo or other in our project, and set a password.
mapping permission = makeMapping("allowUsers", makeDynString("demo"),
"denyUsers", makeDynString("root"),
"allowUnknownUsers", false,
"allowDisabledUsers", false,
"checkPassword", true);
httpSetPermission("/*", permission); // All HTTP Server.
httpSetPermission(basePath + "/*", permission); // Only API REST endpoints.
Both options are very interesting to use in our projects, thank you very much again.
Best regards,
Luis Miguel BP.