The Altair Community is migrating to a new platform to provide a better experience for you. In preparation for the migration, the Altair Community is on read-only mode from October 28 - November 6, 2024. Technical support via cases will continue to work as is. For any urgent requests from Students/Faculty members, please submit the form linked here
Web Service with authentification
Hi RapidMiners!,
sorry for possibly repeating a topic, but I am trying to find documentation on how to do web services with authentification, but I haven't found anything on the forum or docs.
I already know how to make anonymous web services, what I want to do is have a web service accesible by username and password/token. Normally this goes in the header or the parameters of the GET request.
How do we do it in RapidMiner Server?
Thanks in advance!
Sebastian
Tagged:
0
Answers
Hi Sebastian,
non-anonymous web services use standard HTTP/HTTPS authentication.
With curl, you just give the data in the URL: https://username:password@rmserver/service
Regards,
Balázs
so I think @SGolbert you're asking how to HOST a webservice on Server with authentication, correct? So out of the box I don't think Server does this. It's not that hard to build, however - just add parameters to the query that require username/pwd and check them against some internal ExampleSets. It's a hack but I've done it before.
I will say that an automated, true backend implementation of OAuth2 would be nice...I'd also just be happy with the Web Mining extension just handling OAuth2 from the user side.
Scott
I think I am confused by this thread now. By default, exposing a web service from RapidMiner Server requires authentication by a registered Server user---you actually have to go through extra steps to allow the service to be accessed anonymously (which @SGolbert already knows). But if you simply expose the service without the anonymous user settings, then it will require you to log in with a registered RapidMiner Server user in order to access the service. In the browser that is done via a pop-up, but it sounds like you can force that to occur in the background via URL parameters that @BalazsBarany provided (although I have never actually done that myself).
I do agree with @sgenzer that OAuth capabilities for the Web Mining package and for RapidMiner Server would be very nice! But I don't think they are needed simply to require authentication for existing RapidMiner Server web services.
Lindon Ventures
Data Science Consulting from Certified RapidMiner Experts
Hi everyone,
I was actually looking for what Balazs said, thank you! However I have now a bit of a headache for setting the permissions right. I want to share my service with another user but it looks as I have to give read or execute access rights to my whole directory tree!!
Do you know if execute access rights are enough or read is also needed?
Thanks!
Sebastian
Yes, you do need to give that user "Read" access to the entire path to the directory in which the process sits; they also need "Execute" rights to any process that you want them to run. They shouldn't need "edit" access at all.
Lindon Ventures
Data Science Consulting from Certified RapidMiner Experts
Also, you should not need to give them "Execute" rights to any other directories (incl parent directories) or any other independent processes. Just execute rights for the one in question.
Lindon Ventures
Data Science Consulting from Certified RapidMiner Experts