iFrame Mendix in Teamcenter AWC
Overview
This module provides guidance and tooling to
- Display a mendix app embedded in Teamcenter Active Workspace
- Propagate TC session without relogin by propagating the session cookie
- Automatically login a Mendix user that match with the current TC user
This module requires some simple configuration on Teamcenter side.
For the moment, this module can only work on-premise because the prerequired settings are not yet available on Mendix Cloud (URL path setting) and TcX Cloud (gateway route setting). If you think that this setup can make sense on cloud architectures, please vote for the idea.https://community.mendix.com/link/space/deployment/ideas/4624
Disclaimer : This module is supported by the community, and it has no official support of Siemens and Mendix R&D teams.
Documentation
Typical usage scenario
This module provides guidance and tooling to
- Display a mendix app embedded in Teamcenter Active Workspace
- Propagate TC session without relogin
- Automatically login a Mendix user that match with the current TC user
This module requires some simple configuration on Teamcenter side.
Features and limitations
For the moment, this module can only work on-premise because the prerequired settings are not yet available on Mendix Cloud (URL path setting) and TcX Cloud (gateway route setting). If you think that this setup can make sense on cloud architectures, please vote for the idea.https://community.mendix.com/link/space/deployment/ideas/4624
For AutoLogin of Mendix user
- the MatchingRule is a customizable microflow. Based on the details of the TcUser (Name, Id, Group,Role, etc...) , it selects the matching Mendix user to autologin
- If no MxUser is matching
- Provisioning : the Mendix user can be created on the fly with a customizable microflow
- a Customizable login page can be displayed
- a customizable error page can be displayed
Security considerations
This module has not yet been audited by security experts, even if no risk is identified so far.
- "iframing" and "TcSession propagation" are not subject to risk, the key is simply to configure both Teamcenter and Mendix to share the same URL. This module mainly provides guidance to do this configuration.
- The feature "autologin of mendix user" implements a more complex logic. It's optional and you can decide that the MxUser remains "anonymous". To summurize, the condition for login are
- an active teamcenter session that allows a successfull response from the TC API providing Session/User information details
- a Mendix user that match with the current Tc user based on a "MatchingRule" microflow that you can customize.
Support considerations
This module is supported by the community, and it has no official support of Siemens and Mendix R&D teams.
However, let's evaluate the risk for the 3 features :
- "iFraming" : it's supported by standard features of Teamcenter and Mendix ( namely "Teamcenter gateway custom routes" and "Mendix nested URL path" ). This module just provides you with the guidance to configure it.
- "Tc Session propagation" : The module provides a very simple logic, easy to maintain. it simply read the JSESSIONID cookie managed by Teamcenter, and propagate it to the TcConnecor module. This will continue to work as long as Active Workspace and TcConnector use the JSESSIONID cookie, and there is no plan for this to change.
- "autologin of Mendix user" implements a more complex logic, that will be supported with best effort. It's optional.
Finally, iFraming has no risk, and if this module unfortunately stop working, the risk is that the end-users have to re-login manually.
Dependencies
- Mx10.12
- TcConnector
- Teamcenter with Active Workspace 4, 5, 6
Installation
Follow videos and documentation available directly in the module in folder 0_ConfigurationGuide.
Module name is "TcNBD_iFrameMxInAwc".
Configuration
Follow videos and documentation available directly in the module in folder 0_ConfigurationGuide