ChemAxon Forum Archive » Integration: JChem Web Services

Security set up

User cbb759276f

11-11-2016 20:10:54

Hi


I've been trying to set up basic security on Webservices.  I have added the following lines to tomcat.conf


 


JAVA_OPTS="-Djava.awt.headless=true"
JAVA_OPTS="-Dspring.profiles.active=security-source-external,security-http-basic"
JAVA_OPTS="-Dsecurity.source.location=file:home/tomcat/.chemaxon/spring-security-source.xml"
JAVA_OPTS="-Xmx2500m"


 


I have also copied the spring-security-source.xml to /home/tomcat/.chemaxon (attached)


 


However, when I check rest-v0 output, I can't see any evidence of security being activated.


{"welcomeMessage":"You connected to the JChem REST Web Services","availableServices":["JChem Simple Web Services"],"authInfo":{"isAuthenticated":false},"version":"16.10.17.0",
"jchemVersion":"16.10.17.0-master-5866","javaVersion":"Oracle Corporation 1.8.0_65","osVersion":"Linux 3.10.0-327.el7.x86_64 amd64","servletVersion":"Apache Tomcat/7.0.54, servlet 3.0",
"jvmInfo":{"uptime":"39s","maxMemory":"2.17GB","allocatedMemory":"912.5MB","freeMemory":"686.96MB","availableProcessors":4},"cxnHomePath":"/home/tomcat/.chemaxon"

Could you please advise?

ChemAxon 13811e1703

13-11-2016 19:05:42

Hi Tim,

Are you sure all of the system properties are added to the jvm? You can check the running processes.
These options must be all added to JAVA_OPTS as:

JAVA_OPTS="-Djava.awt.headless=true -Dspring.profiles.active=security-source-external,security-http-basic -Dsecurity.source.location=file:home/tomcat/.chemaxon/spring-security-source.xml -Xmx2500m"

(I'm not sure if those lines are not overriding each other when defined in separate lines.)
Although the options looks ok so it should work. If still have problem please send the logs to webservices-support _at_ chemaxon.com

Regards,
Peter 

User cbb759276f

16-11-2016 17:39:02

Thanks Peter - I put the options in one line, and it works now.



Can I ask a follow on question? I am trying to make an Ajax call with basic authentication. I have tried various examples I found on the web, but none seem to work. e.g.


$.ajax({


url: "http://localhost:8080/webservices/rest-v0/util/calculate/stringMolExport",


username: user,


password: pass,


type: "post",


data: { "structure": source, "parameters": "smiles:-H" }


 


Or:


 


$.ajax({ headers: {"Authorization": "Basic xxxx"},


 


Is there format you can recommend?

ChemAxon 13811e1703

18-11-2016 07:37:38

Hi Tim,

Beast I can come up with is this forum:
http://stackoverflow.com/questions/5507234/how-to-use-basic-auth-with-jquery-and-ajax />
You should set the Authorization header in the request properly to avoid popup authentication form.


Regards,
Peter