Thanks Blake!  Please report your results to this thread - I think this information will be useful to lots of people.

--Jill

Thanks Chris, this is very helpful!  

I had to make a few adjustments due to my configuration, but I'm posting here in case it's useful to others who are new to some of these areas.

Setting this up in HealthShare (or other environments with normal security)

Since I set this up in a HealthShare environment, which is installed with normal security by default, I needed to adjust the web applications.  I created a new namespace and database for WIDGETDIRECT, along with a new security resource.  The resource (%DB_WIDGETDIRECT) has no public permissions set.  Note, however, the system automatically creates a role (with the same name) that has RW privileges on that resource. So to get the REST service to work, I changed the web application by going to the Application Roles tab and adding the %DB_WIDGETDIRECT role to the application roles.

I know this isn't the correct way to handle security in a production environment, but I needed to do this to get this example to work.

Getting REST to work with an Apache web server

I am using a full Apache web server on my machine (Mac OS X) to service several instances of HealthShare.  So, for example, to access the Management Portal using Apache my URL looks something like this:

http://localhost/infoexchange/csp/sys/%25CSP.Portal.Home.zen

There were two things required to get this entire exercise to work correctly:

1. In my httpd.config file I had something like this to force the CSP Gateway to handle all files:

<Location "/infoexchange/">
     CSPFileTypes *
</Location>

When I tried calling the REST service directly using this:

/infoexchange/widgetsdirect/rest/jill

I kept getting "URL not found errors".  However, when I tried this it worked correctly:

/infoexchange/widgetsdirect/rest/jill.txt

It turns out that using CSPFileTypes is valid only for URLs with an extension (obvious now and to those who are expert in this area, but that's not me).  So I added one line to my httpd.conf file to force the CSP Gateway to evaluate any URL with this location and all worked perfectly!

<Location "/infoexchange/">
    CSPFileTypes *
    CSP On
</Location>

 

2. Since my URL for the REST service includes information about my instance, I needed to update the widgetmaster.js file to include that in the $http.get() command:

$http.get('/infoexchange/widgetsdirect/rest/Jill')

 

This is very helpful, thank you!  One problem is that a few of the images seem to be missing from the post (the standard "image not found" icon is shown).

Thanks Eduard and Dmitry.  

The class %Api.Atelier does not exist in 2016.1.1, which is consistent with Dmitry's response that I must use 2016.2.

Thank you Stefan and Ben!

I agree - I'd rather get too many notifications than too few right now.

I see the same (bad) behavior with Chrome and Safari on OS X and Chrome on Windows.  But my main concern is the fact that I can't access any of the other settings (I just see them flash by very quickly as the page is loading).