Hi Viknes, As discussed offline the reason for authentication failure is not getting "Authorization" header to backend. We experienced that Firefox and Chrome does not allow user to set headers while IE allow user to set headers (Correct me if I am wrong). Further [1] describes this restriction in detail.
It seems like due to security reasons some browsers does not allow user to manipulate headers. Maybe other Javascript experts can give more feedback to solve this issue. Further even though you disable security Airavata needs a user id to operate on. Therefore we still require a user id in the request header. [1] http://news.anarchy46.net/2012/06/refused-to-set-unsafe-header.html Thanks Amila On Tue, Jun 11, 2013 at 11:42 PM, Viknes Balasubramanee <[email protected]>wrote: > Hi All, > > I am trying to get the list of experiments in Airavata by accessing the > Registry API REST service from a webapp. When I make an AJAX request from > JavaScript, I get an error in the browser console(FireBug) stating "Access > denied to restricted URI". This is the URL that I am trying to hit > > http://localhost:8080/airavata-registry/api/experimentregistry/get/experimen > ts/all . The URL works fine from the browser. > > 1. I have the basic authentication header set with the encoded username and > password when I make the request. I have CORS enabled in jQuery. Yet, the > request seems to fail. > 2. In order to skip the authentication and try my request, I set the > enabled > parameter in authentication.xml to false. <authenticators enabled="false">. > When I do so, I get the below exception if I try to connect to the registry > from XBaya. > > org.apache.airavata.client.api.exception.AiravataAPIInvocationException: > Error while initializing the Airavata API > at > > org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java > :64) > at > > org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java > :43) > at > > org.apache.airavata.xbaya.ui.dialogs.registry.RegistryWindow.getAiravataAPI( > RegistryWindow.java:260) > Caused by: > org.apache.airavata.client.api.exception.AiravataAPIInvocationException: > Error while initializing the Airavat > a API > at > > org.apache.airavata.client.AiravataClient.initialize(AiravataClient.java:163 > ) > at > > org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java > :61) > ... 99 more > Caused by: java.lang.RuntimeException: Failed : HTTP error code : 500 > at > > org.apache.airavata.rest.client.ConfigurationResourceClient.getEventingURI(C > onfigurationResourceClient.java:5 > 19) > at > > org.apache.airavata.rest.client.RegistryClient.getEventingServiceURI(Registr > yClient.java:164) > at > > org.apache.airavata.client.AiravataClient.createConfig(AiravataClient.java:1 > 15) > > Please let me know if I am missing something here. For most of the GSOC > projects, we are developing webapp and I believe this would play an > important role. > > Thanks > Viknes >
