Open Services for Lifecycle Collaboration (OSLC) Server
Open Services for Lifecycle Collaboration (OSLC) services are used to simplify integration across the lifecycle management tools. Windchill supports the OSLC specification by default and enable the OSLC clients to use these services to integrate with Windchill.
The Windchill OSLC APIs allow OSLC clients to query and link to Windchill parts based on the OSLC specifications. Windchill supports the following OSLC specifications:
The Windchill OSLC Services are responsible for mapping Windchill objects to a corresponding OSLC resource and provide the response for these resources in the requested format. Following are the supported formats:
• rdf+xml (Default)
• text/turtle
|
The Windchill OSLC Services can be used only by OSLC clients; non-OSLC clients must use the Windchill (OData) Rest Services (WRS).
|
OSLC Catalog
The OSLC Catalog can be accessed at http(s)://<server>:<port>/Windchill/oslc/catalog for more information on all available services, resources and terminology.
Configuring OAuth Authorization
The default authorization for the Windchill OSLC Services is basic authorization. An additional configuration step is required to enable OAuth authorization.
See
Configure OAuth Delegated Authorization for steps to configure
Windchill to use OAuth. After
Windchill OAuth is configured, set the following
Windchill properties:
Property Name
|
Description
|
oslc.authorizationURI
|
URI for obtaining OAuth authorization
|
oslc.oauthAccessTokenURI
|
URI for obtaining OAuth access token
|
oslc.oauthRequestTokenURI
|
URI for obtaining OAuth request token
|
When the OSLC OAuth properties are configured, the Windchill OSLC Catalog includes the OAuthConfiguration property, which allows OSLC clients to discover that they should use OAuth authorization.
|
When you use OAuth authorization, make sure all requests to OSLC endpoints are prefixed with the configured SpringSecurityFilterChain url pattern. For example, if SpringSecurityFilterChain is configured with the /oauth/* url pattern, all OSLC endpoints must have the /oauth/oslc/* url pattern.
|
Configuration Required after Windchill Update
To enable the Windchill OSLC Services after updating from a previous version of Windchill, perform the following steps:
1. Add the following entry to %WT_HOME%/codebase/WEB_INF/web.xml
<servlet-mapping>
<servlet-name>OSLCServlet</servlet-name>
<url-pattern>/oslc/*</url-pattern>
</servlet-mapping>
2. To add the OSLC path to the Apache configuration, add the following entry to HTTPServer/conf/conf.d/30-app-Windchill-AJP.conf
JkMount /Windchill/oslc/* ajpWorker
3. To configure the OSLC catalog for anonymous access in the Apache configuration, add the following entry to HTTPServer/conf/conf.d/30-app-Windchill-Auth.conf
<LocationMatch ^/+Windchill/+oslc/catalog(;.*)?>
Require all granted
</LocationMatch>
Configuration for Content Security Policy
To allow client sites from other sites to view OSLC previews,
update the web.xml file to include the following OSLC Content Security servlet filter configurations:
<filter>
<filter-name>OSLCContentSecurityFilter</filter-name>
<description>Servlet request filter to set the Content Security Policy for previews</description>
<filter-class>com.ptc.oslc.windchill.filter.OSLCHttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>allowedOrigins</param-name>
<param-value>https://site1.domain.com,https://site2.domain.com </param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>OSLCContentSecurityFilter</filter-name>
<url-pattern>/oslc/*</url-pattern>
</filter-mapping>
Configuration for Cross-Origin Resource Sharing (CORS) for OSLC
|
For a more secure configuration, use the CORS filter for a cross-domain OSLC configuration only.
|
|
When configuring Windchill to share OSLC resources with other PTC OSLC client applications, install these applications locally in the same domain.
|
To allow client sites from other sites to view OSLC services,
update the web.xml file to include the following servlet filter configurations:
<filter>
<filter-name>ContentCorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>[ALLOWED_ORIGINS]</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ContentCorsFilter</filter-name>
<url-pattern>/oslc/preview/*</url-pattern>
<url-pattern>/oslc/config/*</url-pattern>
</filter-mapping>