WebService (web-WebService)
This service configures access to the HTTP server as well as the servlet infrastructure used to expose custom applications over HTTP. It is available in the web palette and is one of the default services in a station created by using the New Station tool. A station supports only one WebService.
To access these properties, expand .
In addition to the common properties (Status, Fault Cause and Enabled), these properties are unique to this component.
| Property | Value | Description |
|---|---|---|
| Http Port | additional properties (port number defaults to 80) | Specifies the HTTP
client’s TCP port. The service listens on on this port for connections. The “Server Port (baja-ServerPort)” topic documents the additional properties. |
| Http Enabled | true (default) or false | Turns the processing of HTTP requests
on (true) and off (false). true turns on a standard Http connection (no communication security). When enabled, Fox Enabled in the FoxService must also be set to true (for Web Launcher use). false turns off the standard Http connection causing the system to ignore any attempts to connect using Http port 80. If Https Only is enabled, this setting (false for Http Enabled) is irrelevant. |
| Https Port | additional properties (port number defaults to 443) | Specifies the HTTPS
client’s TCP port. The service listens on this port for connections. The “Server Port (baja-ServerPort)” topic documents the additional properties. |
| Https Enabled | true (default) or false | Turns the processing of HTTPS
requests on (true) and off (false). true turns on secure Http communication using port 443. When enabled, Foxs Enabled in the FoxService must also be set to true (for Web Launcher use). false turns off the secure Https connection causing the system to ignore any attempts to connect using Https port 443. |
| Https Only | true (default) or false | Configures the security of the connection. true redirects any attempt to connect using a connection that is not secure (Http alone) to a secure Https connection. false permits an Http connection. |
| Https Min Protocol | drop-down list (defaults to TLSv1.2+) | Configures the minimum level of
the TLS (Transport Layer Security) protocol to which the server accepts
negotiations. Options include versions TLSv1.0+ TLSv1.1+, TLSv1.2+, and TLSv1.3. Note:
TLSv1.0 and TLSv1.1 are still supported for backwards compatibility, but it is recommended to use TLSv1.2 and higher. During the handshake, the server and client agree on which protocol to use. Change Protocol from the default if your network requires a specific version or if a future vulnerability is found in one of the versions. |
| Cipher Suite Group | drop-down list, Recommended (default) or Supported | Controls which cipher suites can be used during TLS negotiation. The default is more secure than the other option (Supported) and should be used unless it causes compatibility issues with the client |
| Main Https Cert | text (read-only) | Displays the host platform's server certificate that is currently used. |
| Alias | drop-down list (defaults to default) | Specifies the alias of the host
platform’s server certificate, which the client uses to validate server
authenticity. The default identifies a self-signed certificate that
is automatically created when you initially log on to the server.
It cannot be deleted and should be used for recovery purposes. The
default certificate is protected by the global certificate password.
If other certificates are in the host platform’s key store, you can
select them from the drop-down list. |
| Password | text and check box | Defines a the user-defined password or the global certificate
password associated with the server certificate. This unique password is required as of Niagara 4.13. |
| Server Certificate Health | text (read-only) | Displays the alias of the used server certificate and its status (OK, Bad Password) |
| Requested Cert | text (read-only) | Displays the certificate’s alias that was requested. |
| Returned Cert | text (read-only) | Displays the actual certificate that is currently used. |
| Cert Status | text (read-only) | Specifies the status of the requested certificate (OK, Bad Password) |
| Require Https For Passwords | true (default) or false | Controls the protocol used when a user creates a new password. true prevents the creation of a password for a new user across a connection that is not secure. HTTPs Enabled also must be set to true or the system disables the New button (for creating a new user in the UserService). false leaves the New button (for creating a new user in the UserService) enabled even if HTTPs Enabled is false. This combination of settings creates a security vulnerability when creating passwords for new users and is not recommended. |
| Remember User Id Cookie | true (default) or false | Controls if the system sets the cookie in the user’s browser. true sets the niagara_userid cookie with the user's username in the user's browser. false, the niagara_userid cookie is not used at all. |
| Same Site | None, Lax (default), or Strict | Configures browser behavior for HTTP cookies. Lax allows cookies to be sent automatically only in a first-party context and with HTTP GET requests. Cookies will be withheld on cross-site sub-requests. None allows cookies to be sent with HTTP requests to third party sites, without restriction. Strict allows cookies to be sent only for first-party context requests (requests originating from the site that set the cookie). Note: The Strict setting is not supported when using SAML
Authentication. |
| Allow Username Autocomplete | true (default) or false | Enables (true) and disables (false) autocomplete browser behavior on the username field of the prelogin page. |
| Login Template | check box and chooser (defaults to null) | Determines if a login template is used. Any selects no custom login template. When Any is not selected, the option list shows available custom login templates that you can select for a station login page. |
| Log File directory | filepath (defaults to file:^^webLogs) | Defines the folder in the station’s file space in which log files are stored. Log file names use a YYMMDD.log (date) convention, such as 230501.log for a file created May 1, 2023. |
| Client Environments | additional properties | Serves as a container for Mobile Client Environment (mobile)
entries, which are available if the station’s host is licensed with
the mobile feature. It is used in detection of a user’s browser type
(for example, desktop or mobile) and the selection of the appropriate
webProfile for the user. The topic “Client Environments (web-ClientEnviroments” documents this container. The Box and App Module Guide documents the properties for the mobile environment. |
| Show Stack Trace | true or false (default) | Controls if exception stack
traces, when available, appear in error responses. true shows exception stack traces in error responses when they are available. false disables exception stack traces in error responses. |
| Load JxBrowser from Cloud | drop-down list | Loads the JxBrowser from the cloud. |
| Web Launcher Module Caching Type | Host (default) or User | Determines how
a client using the Web Launcher caches modules. Host results in a folder and the downloading of installation modules to the module folder (n4applet for N4, and wbapplet for AX). This results in the creation of multiple folders of downloaded modules, which negatively affects platform memory usage. User results in the creation of a .sharedModuleCache folder (one cache per host visited; one shared cache per user). The system then downloads to a sub-folder at this location (n4applet for N4, and wbapplet for AX). This option minimizes the memory required when running in a controller. |
| Web Launcher Config, Web Launcher Enabled | true (default) or false | Provides a container for several sub-properties used to configure aspects of Web Launcher, which provides an applet-like Workbench environment that runs completely outside of a web browser. |
| Cache Config, Enabled | true (default) or false | Activates (true)
and deactivates (false) use of the object (network,
device, point, component, table, schedule, descriptor, etc.). |
| Cache Config, Cached File Extensions | text (defaults to png,jpg,gif,svg) | Sets the desired file type(s) to configure cache memory,
which caches all station home image files in the web browser. png, jpg, gif, svg caches only files with these extensions. * caches all file types without re-validation. |
| WarmupConfig | additional properties | Speeds the loading of HxPx graphics. This property was new
in Niagara. The first time an HxPx loads, it takes time because Java code also runs for the first time. It does not have complete compiled methods, which it needs to download fast. This component overcomes this problem. The topic, “Warmup Config (Web Warmup Config)” documents the additional properties. |
| Hostname Redirect Settings, Redirect to Hostname | true or false | Controls the URL used to connect to a station. true redirects to the mentioned host station in the host name field, when browsed. false denies the redirection to the mentioned host station in the host name property, when browsed. When you open the browser and enter the local station name or IP address of the local host in the URL, the host redirects to the station mentioned in the host name field and displays the station name in the URL. |
| Hostname Redirect Settings, Hostname | text string | Defines the host name. |
| Http Header Providers | additional properties | Configure HTTP Header provider properties
in Niagara. The topic “Http Header Providers (Http Header Providers)” documents the additional properties. |
| JettyWebServer | additional properties | Configures the Jetty web server. “Jetty Web Server (jetty-JettyWebServer)” documents the additional properties. |
| User Data Storage | additional property | Provides an option to store user data. The topic, “User Data Config (web-UserDataConfig)” documents the single property. |