Hi Julien
Just about to leave for holidays. For CORS related question Rupert is more
competent than me, for the user manager Danny is the expert.
Cheers,
Reto
On Thu, Nov 21, 2013 at 9:51 AM, Julien Villepoux <
jvillepoux.oof...@gmail.com> wrote:
> Hi Reto,
>
> Access by script from another host is what I try (and have to) achieve.
>
> Ajax script and Stanbol will not be on the same FQDN.
>
> That's why I try to add the CORS header ( res.header("Access-Control-All
> ow-Origin", "*"); ) to options in the Users ressource : (@OPTIONS
> @Path("users/*") ).
>
> But this don't seems to work...
>
> As options is not set in the User resource, how this is actually managed ?
>
> Thanks.
>
>
> 2013/11/19 Reto Bachmann-Gmür <r...@wymiwyg.com>
>
> > Hi Julien
> >
> > Sorry for the late reply. I see the error "Origin http://127.0.0.1 is
> not
> > allowed by Access-Control-Allow-Origin." seems to be related to the fact
> > that the script is trying to access another host than it is originating
> > from. Can't you deploy the document to the same host that you're
> accessing?
> > Ideally obsoleting any absolute URI in the script.
> >
> > Cheers,
> > Reto
> >
> >
> > On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
> > jvillepoux.oof...@gmail.com> wrote:
> >
> > > Hi Reto !
> > > I understand too late that you were in Fusepool Workshop ... I was
> there
> > > too ...
> > >
> > > So as you told me... I change my ajax request like this :
> > >
> > > $.ajax({
> > > url : "
> > > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes";,
> > > type : "GET",
> > > beforeSend: function (xhr) {
> > >
> > > xhr.setRequestHeader("Authorization", pw);
> > > xhr.withCredentials = true;
> > > },
> > > headers : {"Accept":"application/rdf+xml"},
> > > dataType : "xml",
> > > cache:false,
> > > async:false,
> > > success: function(data){
> > > console.warn("success");
> > > },
> > > error: function(xhr,ajaxOptions,thrownError){
> > > console.error("Error !!!!");
> > > }
> > > });
> > >
> > > The response is still not good.
> > >
> > >
> > >
> > > I could not understand why ?
> > > Do you have any idea ?
> > >
> > > Thanks you again.
> > > Julien VILLEPOUX
> > >
> > >
> > > 2013/11/13 Reto Bachmann-Gmür <r...@apache.org>
> > >
> > > > Hi Julien
> > > >
> > > > I see that with curl you're setting the accept header to rdf/xml but
> > not
> > > > with the jquery client. Is this intentional?
> > > >
> > > > Cheers,
> > > > Reto
> > > >
> > > >
> > > > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > > > jvillepoux.oof...@gmail.com> wrote:
> > > >
> > > > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > > > >
> > > > > org.apache.stanbol.commons.security.fexilwebconsole :
> 0.12.0-Snapshot
> > > > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > > > org.apache.stanbol.commons.security.usermanagement :
> 0.12.0-snapshot
> > > > >
> > > > > The problem is that I can't access to access restricted resources
> > with
> > > > Ajax
> > > > > request.
> > > > >
> > > > >
> > > > > When I used Curl I get attended answer :
> > > > >
> > > > > *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> > > > > "http://localhost:8080/ <http://localhost:8080/>*
> > > > > *user-management/users/bob/rolesCheckboxes"*
> > > > >
> > > > >
> > > > > When I try to do the same thing with Ajax/Jquery*.*
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > *function getPwd(admin,passwd){ var l =
> > > > > admin; var p = passwd;
> > > var
> > > > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > > > return
> > > > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > > > > var pw = getPwd("admin","admin");
> > > > > console.log(pw); var rdfdata $.ajax({
> > > > > url : "
> > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> >",
> > > > > type : "GET", beforeSend: function (xhr)
> > > > > {
> > > > > xhr.setRequestHeader("Authorization",
> > > > > pw); xhr.withCredentials =
> > true;
> > > > > }, dataType : "xml",
> > > > > cache:false, async:false,
> > > success:
> > > > > function(data){ console.warn("success");
> > > > > }, error: function(xhr,ajaxOptions,thrownError){
> > > > > console.error("Error !!!!"); }
> > > });*
> > > > >
> > > > > We have this answer in Chrome :
> > > > > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > > > > Access-Control-Allow-Origin
> > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > XMLHttpRequest cannot load
> > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > .
> > > > > Origin http://127.0.0.1 is not allowed by
> > Access-Control-Allow-Origin.
> > > > >
> > > > > And in FF:
> > > > >
> > > > > Reload the page to get source for:
> > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > > > >
> > > > > We try to add this in UserResource.java in UserManagement bundle
> > > without
> > > > > sucess :
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > * @OPTIONS @Path("users/*") public Response
> handleCorsPreflight(){
> > > > > ResponseBuilder res = Response.ok();
> > > > //enableCORS(servletContext,res,
> > > > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > > > > return res.build(); }*
> > > > >
> > > > > I think, we need to add "Authorization" header in OPTIONS. But With
> > the
> > > > new
> > > > > architecture We don't find how to do it. We seen the configuration
> > > point
> > > > > for jersey [1] and try to add "authorization" header, but i think
> > it's
> > > > not
> > > > > enough.
> > > > >
> > > > > Thanks you for you help !
> > > > > Julien VILLEPOUX
> > > > >
> > > >
> > >
> >
>
