Rapidminer Server Webservice - Access-Control-Allow-Origin

longy26longy26 Member Posts: 4 Contributor I
edited November 2018 in Help

Hey all,

 

I successfully exposed a process as a webservice.

The Rapidminer Server is running locally on my machine.

I can make a request to the webservice through Postman, or the browser and get the expected result.

 

But only when I try to call the webservice from my angular2 website,

because of a missing 'Access-Control-Allow-Origin'.

 

XMLHttpRequest cannot load http://localhost:8080/api/rest/public/process/applyDT. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.

 

Where within the Rapidminer Server Settings can I setup the 'Access-Control-Allow-Origin' header?

 

I searched everywhere and couldn't find anybody with the same problem.

 

Any tips would be really appreciated.

Best regards,

Long

 

Answers

  • Thomas_OttThomas_Ott RapidMiner Certified Analyst, RapidMiner Certified Expert, Member Posts: 1,761   Unicorn

    Is your webservice exposed as anonymous or as your user? You might have to expose it as an anonymous user.

    longy26
  • longy26longy26 Member Posts: 4 Contributor I

    The webservice is exposed as anonymous.

     

    The process is stored at rapidminerserver/home/anonymous/...

    I edited the access rights of the process, so that the anonymous user can do everything.

     

    I query the webservice using the public link:

    http://localhost:8080/api/rest/public/process/applyDT?

     

    Anything missing?

     

    Thanks for your help,

    Long

  • mschmitzmschmitz Administrator, Moderator, Employee, RapidMiner Certified Analyst, RapidMiner Certified Expert, University Professor Posts: 2,113  RM Data Scientist

    Hi,

     

    did you set: com.rapidanalytics.web.anonymous_services  to true?

    - Head of Data Science Services at RapidMiner -
    Dortmund, Germany
    longy26
  • longy26longy26 Member Posts: 4 Contributor I

    Hey @mschmitz

     

    Yes, i've already set both

    com.rapidanalytics.web.anonymous_resources 

    com.rapidanalytics.web.anonymous_services 

    to true.

     

    Did not work unfortunately.

     

    Thanks for your help,

    Long

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Hi Long,

     

    did you check http://docs.rapidminer.com/server/administration/user-management/special-users.html ?

    This page gives plenty of information on the user anonymous and how to allow webservice access to this user.

     

    Best,

    Edin

    longy26
  • longy26longy26 Member Posts: 4 Contributor I

    Hey @Edin_Klapic

     

    I have read that documentation.

    I followed it exactly as it is stated there.

     

    The only thing that I was not able to follow was to give the anonymous user access rights to the webservice. In the documentation it says:

    You can now set access rights to the web service. 
    User anonymous also has rights to the corresponding process and all linked content, such as data and models.

    I can't find any option to edit access rights to the web service. I can only edit the web service or test it.

     

    The only thing I was able to do, was giving the anonymous user access rights to the process/resource, which the web service is using.

     

    Best regards,

    Long

     

     

  • chinthiti_wchinthiti_w Member Posts: 1 Contributor I

    Hi, @longy26

     

    I have the same Access-Control-Allow-Origin problem. Have you found the solution? 

     

    Regards

     

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Sorry, but I misunderstood your problem in the first place.

     

    As for now you cannot set the HTTP response header values (e.g. Access-Control-Allow-Origin) to enable CORS with RapidMiner Server.

     

    We are aware of this and put in on our roadmap. Nevertheless, I am not able to make any assumptions regarding the solution date since changing this requires quite some effort. :(

     

    Best regards,

    Edin

     

  • steve_waresteve_ware Member Posts: 1 Contributor I

    So the only immediate solution is to disable cross-domain access checks? How are RapidMiner Server, web-services intended to be used?

    Please advise if you now have a plan for when this will be fixed.

     

    Show-stopper.

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Hi Steve,

     

    we are still investigating the CORS problem. 

    Nevertheless there are built-in solutions for special use cases, e.g. connect to a webservice from Tableau.

    Here you would simply need to define the output format OData of a RapidMiner Server webservice and when connecting to this webservice from within Tableau you need to create an OData connection type with the URL of the webservice as source.

    The only restriction is that the Output needs to be a RapidMiner ExampleSet.

    Other RapidMiner Objects need to be converted. In addition to the built-in Operators there is e.g. the Converters extension available on the marketplace which contains more converters.

     

    Best,

    Edin

    Thomas_Ott
  • qbodartqbodart Member Posts: 1 Contributor I

    Am also interested in this topic. Thanks for updating this post as soon as a solution is available.

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Hi @qbodart, @longy26, @steve_ware, @chinthiti_w,

     

    With the upcoming release of RapidMiner Server v8 (currently in BETA), we provide the requested parameter settings.

     

     

    • Added com.rapidanalytics.security.x_frame_options property to allow administrators to disable embedding elements of RM Server into other websites
    • Added com.rapidanalytics.security.access_control_allow_origin and related properties to enable administrators to allow CORS. See documentation for more details about the new properties.

     

    If you are interested in taking part of testing this BETA version you can find it here.

    I will keep you posted when RapidMiner Server 8 is released.

     

    Best regards,

    Edin

     

     

    sgenzer
  • kevin_reifkevin_reif Member Posts: 6 Contributor I

    Hello there,

     

    I have the same Problem. I set up my service and when I call it from the browser directly or from postman, it works all fine.


    As soon as I call it from my own webpage via jquery ajax, I get the following error message in the browser console:

     

    Failed to load http://localhost:8080/api/rest/process/dataFlowTest?: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 401.

     

     

    I already set com.rapidanalytics.security.access_control_allow_origin to '*' in the settings. Still the same problem.

     

    Please help!!!!

     

     

    Cheer Kevin

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Hi @kevin_reif,

     

    Did you have a look at the other settings for CORS?

    They can be found in the RapidMiner Server settings description (https://docs.rapidminer.com/latest/server/administration/server-settings.html#settings-table) in the security section (at the bottom).

     

    Happy Mining,

    Edin

    sgenzer
  • kevin_reifkevin_reif Member Posts: 6 Contributor I

    Hey @Edin_Klapic,

     

    thanks for your reply. Here are my Server Settings:

    ServerProperties.PNG

    I think that I set all the sufficient properties. I don't know what to do else..

     

     

    Best Regards

     

    Kevin

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Hi @kevin_reif,

     

    Did you restart RapidMiner Server after setting the options?

    The settings only take effect after a restart.

     

    Just for completion - below you find the settings table (seems the link did not directly point to the table).

    I never used CORS before so I am not sure what is the reason that it does not work for you.

     

    Some general remarks:

    The Webservice URL you used requires authentication. I suggest you use the anonymous one. It has a different pattern!

    E.g. http://localhost:8080/api/rest/public/resources/  or  http://localhost:8080/api/rest/public/process/

    Please make also sure that all anonymous relevant settings are made (e.g. make sure to have created the user anonymous and give it access rights to the resources).

     

    Happy Mining,

    Edin

    image.png

     

  • kevin_reifkevin_reif Member Posts: 6 Contributor I

    Hi Edin,

     

    thanks for your reply. I created the anonymous user and gave it all rights and permissions. But when i change the path of the URL from

    http://localhost:8080/api/rest/process/anonymous?

    to

    http://localhost:8080/api/rest/public/anonymous?

    I get the following error: The page /api/rest/public/anonymous you requested does not exist.

    What do I have to do to change the URL from process to public?

     

     

    Best Regards

     

    Kevin

  • Edin_KlapicEdin_Klapic Moderator, Employee, RMResearcher, Member Posts: 267  RM Data Scientist

    Hi @kevin_reif,

     

    The path you posted is not correct. You forgot "/process/" in your adapted URL.

    It should be ..../api/rest/public/process/...

    Please see also https://docs.rapidminer.com/latest/server/administration/user-management/special-users.html

     

    Happy Mining,

    Edin

Sign In or Register to comment.