Home AMX User Forum AMX Technical Discussion

Jetty Server Authentication

I have the example MTR gateway module running but I'm having trouble authenticating a web client. My public key is showing null. Even after sending AUTH.KEY-REGEN to the server, the public key value is still null. Why might that be? I have not changed the netlinx portion of the module at all and I have followed the set up guides with regards to creating users and roles.

Comments

  • I haven't seen that error before. Have you tried to issue the commands from the web interface? Are you seeing any errors/updates in diagnostics in netlinx studio?

    It does take a few minutes after the program loads the first time for everything to happen. I just loaded to a fresh processor the other day though, and it went smoothly and was wrapped up in about 10 minutes.

  • [Deleted User][Deleted User] Harman Integrated Technologies Group (ITG) Posts: 0

    @ernestmusseriii - I am of the understanding that they key field you are referencing is related to creating a certificate for HTTPS connectivity. This is not required for pre-authorizing users to avoid a login screen.

    Are you attempting HTTPS or trying to authorize a known machine to use the HTML5 control GUI?

  • Hi Chris, im not using HTTPs. I just cant get it to authenticate me into the webpage. This is the first one of these I've set up and im really just trying to teach myself for future applications. This isn't for a production system. I assumed there might be an issue with the json web token based on the Jetty Server Interface doc.

    "Authentication and Authorization is required to access the Server from any Web Client. The Authentication credentials are encrypted (RSA minimum 2048) regardless of the protocol and validated against the Users and Roles as set at the NX Controller’s Security Settings. Authorization persistence is provided through a signed and encrypted JSON Web Token (JWT) Cookie (httpOnly)."

    Role Created:

    User Created:

    These are the only errors I see in the browser:

    These are the only errors I see in the processor when the module is loading:

  • [Deleted User][Deleted User] Harman Integrated Technologies Group (ITG) Posts: 0

    I see - you are leveraging the internal user accounts from the controller. Yes, the key-gen fields and such are not required. As a quick test - have you used the admin user credentials prior to testing the newly created credential? I have not yet experienced an issue with the JWT like this, but I have seen cases where (Google Meet) the device cannot store a JWT or (MTR) the cache is purged nightly as part of a clean up routine. I will check with the devs for this utility and we will dig into this a bit further to see if we can find the element holding you up.

    For others reading the post - the utility will allow you to use user credentials that exist on the NX controller if authentication is required to use the GUI, or you can pre-authorize a known device by IP or hostname if you have a deployment where users should not be asked to login -- like Microsoft Teams or Google Meet.

  • Hi Chris, I did try the admin account. Same result.
  • [Deleted User][Deleted User] Harman Integrated Technologies Group (ITG) Posts: 0

    @ernestmusseriii - what is the device and browser seeking to open the UI? Is this a MTR screen, laptop, mobile phone, tablet?

  • Its an nx2200. I'm accessing via chrome and edge on a windows laptop.
  • Got it. My fault entirely. I was on the official firmware from the website. I loaded the hotfix forward and it's working fine.
Sign In or Register to comment.