Package com.spotfire.ws.pub

The TIBCO Spotfire Server public Web Service API.

See: Description

Package com.spotfire.ws.pub Description

The TIBCO Spotfire Server public Web Service API.

Note that this is a Web Service API. The implementing classes may not be called directly from Java code. Use the WSDL files to generate client proxies which will contains all types and methods that may be used.

The services can be accessed at:

The WSDL for each service can be retrieved by appending ?wsdl to each service URL.

How do I enable the API?
Before the API can be used, it must be enabled. To do this, export the server configuration from the database, run the config-web-service-api command and import the updated configuration to the database.

On Windows, open a command prompt, go to the <Spotfire Server installation folder>\tomcat\bin directory and execute the following commands:

  1. config.bat export-config --force
  2. config.bat config-web-service-api --enabled=true
  3. config.bat import-config -c "Enabled the public Web Service API"

On Linux, open a command-line shell, go to the <Spotfire Server installation folder>/tomcat/bin directory and execute the following commands:

  1. config.sh export-config --force
  2. config.sh config-web-service-api --enabled=true
  3. config.sh import-config -c "Enabled the public Web Service API"

All user accounts that are going to use the API must also be members of the API User group.

Sessions
When the web service client performs its first request to the server, a new session is established. The response from the server contains a session cookie called JSESSIONID. The web service client needs to include this session cookie in all further requests to the server made in the context of the session.

CSRF protection
The Web Service API has built-in protection against CSRF attacks. For backwards compatibility reasons, this CSRF protection is not enabled by default. For maximum security, it is strongly recommended to enable it. To do this, export the server configuration from the database, run the config-csrf-protection command and import the updated configuration to the database.

On Windows, open a command prompt, go to the <Spotfire Server installation folder>\tomcat\bin directory and execute the following commands:

  1. config.bat export-config --force
  2. config.bat config-csrf-protection --public-web-services=true
  3. config.bat import-config -c "Enabled the CSRF protection for the public Web Service API"

On Linux, open a command-line shell, go to the <Spotfire Server installation folder>/tomcat/bin directory and execute the following commands:

  1. config.sh export-config --force
  2. config.sh config-csrf-protection --public-web-services=true
  3. config.sh import-config -c "Enabled the CSRF protection for the public Web Service API"

The protection mechanism is based on the synchronizer token pattern. When the web service client first establishes its session on the server, the server returns a CSRF synchronizer token in a cookie called XSRF-TOKEN. The client needs to pick up this cookie value and provide it in an HTTP header called X-XSRF-TOKEN in all requests to the server, for as long as the session is active. If the server returns a new XSRF-TOKEN cookie value, the client must immediately use the new token value. If the client does not provide any token in the X-XSRF-TOKEN header, or if the provided token is invalid, the server responds with the HTTP status code 403 Forbidden. The request should then be repeated with the valid token in the HTTP header.

How do I generate client proxies?
Proxies can be generated using the tool of your choice. Here is an example on how to do it using the wsimport tool that is included with Oracle JDK.

Steps:

  1. Create an authentication file containing the URL of each web service, including a valid username and password of a user that is a member of the API User group
  2. Generate the proxies by running wsimport for each web service (specifying the authentication file created in the previous step)
Example of an authentication file:
https://user:password@server.example.com:8443/spotfire/ws/pub/InformationModelService?wsdl
https://user:password@server.example.com:8443/spotfire/ws/pub/LibraryService?wsdl
https://user:password@server.example.com:8443/spotfire/ws/pub/LicenseService?wsdl
https://user:password@server.example.com:8443/spotfire/ws/pub/SecurityService?wsdl
https://user:password@server.example.com:8443/spotfire/ws/pub/UpdateAnalysisService?wsdl
https://user:password@server.example.com:8443/spotfire/ws/pub/UserDirectoryService?wsdl

Example on how to generate the proxies, using the authentication file above:
wsimport -d bin -s src -Xauthfile auth.txt https://server.example.com:8443/spotfire/ws/pub/InformationModelService?wsdl
wsimport -d bin -s src -Xauthfile auth.txt https://server.example.com:8443/spotfire/ws/pub/LibraryService?wsdl
wsimport -d bin -s src -Xauthfile auth.txt https://server.example.com:8443/spotfire/ws/pub/LicenseService?wsdl
wsimport -d bin -s src -Xauthfile auth.txt https://server.example.com:8443/spotfire/ws/pub/SecurityService?wsdl
wsimport -d bin -s src -Xauthfile auth.txt https://server.example.com:8443/spotfire/ws/pub/UpdateAnalysisService?wsdl
wsimport -d bin -s src -Xauthfile auth.txt https://server.example.com:8443/spotfire/ws/pub/UserDirectoryService?wsdl

Copyright © 2013-2020 TIBCO Software Inc. All Rights Reserved.