Has anyone been involved in development of a web interface using AJAX for API calls to the Ignition server? We’re running into CORS issues and I’m trying to understand what needs to be done on the Ignition web app in Jetty (if anything) to set up CORS filters, and then the corresponding requirements on the AJAX side.
Just an FYI for anyone running into this as well. This worked only when authentication was not required on my Python resource. With authentication forced I did need to make changes to Jetty in the web.xml file to include the OPTIONS method in the allowedMethods, and in the allowedOrigins set a wildcard * as the value. Otherwise in an ajax get or post method, the preflight message with auth fails (as it is sent as an OPTIONS method, and requires that the server allow the originating client in the cross-origin filter.
In the end I ended up creating a custom authentication API using the ignition users and the system.security.validateUser() function. I then generate a unique key for the session and send it to the browser in the response. This way I can control the sessions and time them out when I want to on the server side.
Could you please include a little bit more details about the changes you made to the web.xml file? I’m also struggling with the fact that I need authorization on all my calls but I can’t seem to add the authorization headers to my pre-flight requests.
for each of my “controllers” I’ve added an OPTIONS response like this:
Hey sorry for the delayed response. I’ve had to go back to my notes on this. You have to add the jetty servlets jar per below: $ sudo cp jetty-servlets-9.3.8.v20160314.jar /usr/local/bin/ignition/webserver/webapps/main/WEB-INF/lib
I tried to do this to my C:\Program Files\Inductive Automation\Ignition\webserver\webapps\main\WEB-INF\web.xml file and restart the web server but after I do this the Ignition website returns a 503 Service Unavailable error. I downloaded a thread dump using the Ignition Gateway Control Utility but I didn’t see any errors. Once I commented out this section and restarted the web service I was able to get back to the ignition log viewer and I was able to view the logs. I didn’t see any errors related to the web service configuration.
Could you please elaborate on what Kevin has suggested as the solution to the CORS issue? What exact code has to be put in the doGET and doPost methods of webdev postjson script? Then I will come to accessing with authentication.