Re: Stanbol problem : access restricted ressource via Ajax

Reto Bachmann-Gmür Tue, 19 Nov 2013 05:53:30 -0800

Hi Julien

Sorry for the late reply. I see the error "Origin http://127.0.0.1 is not
allowed by Access-Control-Allow-Origin." seems to be related to the fact
that the script is trying to access another host than it is originating
from. Can't you deploy the document to the same host that you're accessing?
Ideally obsoleting any absolute URI in the script.


Cheers,
Reto


On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
jvillepoux.oof...@gmail.com> wrote:

> Hi Reto !
> I understand too late that you were in Fusepool Workshop ... I was there
> too ...
>
> So as you told me... I change my ajax request like this :
>
> $.ajax({
>                 url : "
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes";,
>                 type : "GET",
>                 beforeSend: function (xhr) {
>
> xhr.setRequestHeader("Authorization", pw);
>                                         xhr.withCredentials = true;
>                                 },
>                 headers : {"Accept":"application/rdf+xml"},
>                 dataType : "xml",
>                 cache:false,
>                 async:false,
>                 success: function(data){
>                     console.warn("success");
>                     },
>                 error: function(xhr,ajaxOptions,thrownError){
>                     console.error("Error !!!!");
>                 }
>             });
>
> The response is still not good.
>
>
>
> I could not understand why ?
> Do you have any idea ?
>
> Thanks you again.
> Julien VILLEPOUX
>
>
> 2013/11/13 Reto Bachmann-Gmür <r...@apache.org>
>
> > Hi Julien
> >
> > I see that with curl you're setting the accept header to rdf/xml but not
> > with the jquery client. Is this intentional?
> >
> > Cheers,
> > Reto
> >
> >
> > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > jvillepoux.oof...@gmail.com> wrote:
> >
> > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > >
> > > org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
> > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
> > >
> > > The problem is that I can't access to access restricted resources with
> > Ajax
> > > request.
> > >
> > >
> > > When I used Curl I get attended answer :
> > >
> > > *Curl  --user "admin:admin" –H "Accept :application/rdf+xml"
> > > "http://localhost:8080/ <http://localhost:8080/>*
> > > *user-management/users/bob/rolesCheckboxes"*
> > >
> > >
> > > When I try to do the same thing with Ajax/Jquery*.*
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > *function getPwd(admin,passwd){                        var l =
> > > admin;                        var p = passwd;
> var
> > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> >  return
> > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes);                }
> > >                 var pw = getPwd("admin","admin");
> > > console.log(pw);            var rdfdata            $.ajax({
> > > url : "http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
> > >         type : "GET",                beforeSend: function (xhr)
> > > {
> > > xhr.setRequestHeader("Authorization",
> > > pw);                                        xhr.withCredentials = true;
> > >                                 },                dataType : "xml",
> > >         cache:false,                async:false,
>  success:
> > > function(data){                    console.warn("success");
> > >     },                error: function(xhr,ajaxOptions,thrownError){
> > >             console.error("Error !!!!");                }
>  });*
> > >
> > > We have this answer in Chrome :
> > > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > > Access-Control-Allow-Origin
> > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > >  XMLHttpRequest cannot load
> > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > .
> > > Origin http://127.0.0.1 is not allowed by Access-Control-Allow-Origin.
> > >
> > > And in FF:
> > >
> > > Reload the page to get source for:
> > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > >
> > > We try to add this  in UserResource.java in UserManagement bundle
> without
> > > sucess :
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > * @OPTIONS  @Path("users/*")  public Response handleCorsPreflight(){
> > > ResponseBuilder res = Response.ok();
> > //enableCORS(servletContext,res,
> > > headers);      res.header("Access-Control-Allow-Origin", "*");
> > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > >       return res.build();  }*
> > >
> > > I think, we need to add "Authorization" header in OPTIONS. But With the
> > new
> > > architecture We don't find how to do it. We seen the configuration
> point
> > > for jersey [1] and try to add "authorization" header, but i think it's
> > not
> > > enough.
> > >
> > > Thanks you for you help !
> > > Julien VILLEPOUX
> > >
> >
>

Re: Stanbol problem : access restricted ressource via Ajax

Reply via email to