Hi Samisa, this thread rang a bell with me and I found something in my personal notes.
The XMLHttpRequest spec's definition of xhr.open already contains a username/password argument for basic auth [1]. And according to Mozilla's XHR browser compatibility chart [2], all desktop browsers are compatible. It would be simple to add support for it to jaggery. I have created a DRAFT and COMPLETELY UNTESTED pull request [3] which sketches the idea, but unfortunately, I don't have the time to implement that feature myself. Cheers Kambiz [1] http://www.w3.org/TR/XMLHttpRequest/#the-open%28%29-method [2] https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest#Browser_Compatibility [3] https://github.com/wso2/jaggery/pull/72 Samisa Abeysinghe <[email protected]> wrote: > > Yes this is what I was looking for. Thanks for the information. And we > should document this > > Thanks, > Samisa... > > Samisa Abeysinghe > > Vice President Developer Evangelism > > WSO2 Inc. > http://wso2.com > > On Tue, Jan 21, 2014 at 6:29 PM, Kambiz Darabi > <[email protected]> wrote: > > Hi Samisa, > > I hope I understand your use case. > > I have successfully called Basic Auth secured REST services by > creating an > Authorization header in the jaggery code and sending the GET > request > with that header. > > Quoting from > > http://en.wikipedia.org/wiki/Basic_access_authentication#Client_side > > you can see that you just have to create a string > username:password > (separated by a colon) and encode it in base64, then you add an > HTTP > 'Authorization' header to the request which contains > > "Basic" + base64_encode( username + ":" + password); > > Here is an example of a js implementation of base64 encoding (I > don't > know what the licence is): > > http://phpjs.org/functions/base64_encode/ > > > Is this what you are looking for? > > I could also dig out some code, when I get back to the office, if > that > is necessary. > > HTH > > > > Kambiz Darabi > -- > m-creations gmbh > Acker 2 > 55116 Mainz > Germany > > W: http://www.m-creations.com > E: [email protected] > T: +49 6131 6224417 > F: +49 6131 6224418 > -- > Registered Office: Mainz, HRB Mainz 7382 > Managing Directors: Frank Pacholak, Kambiz Darabi > > > > > Samisa Abeysinghe <[email protected]> wrote: > > > > Do we have a sample around this? We need one! > > > > Thanks, > > Samisa... > > > > Samisa Abeysinghe > > > > Vice President Developer Evangelism > > > > WSO2 Inc. > > http://wso2.com > > > > On Tue, Jan 21, 2014 at 10:43 AM, Madhuka Udantha > <[email protected]> > > wrote: > > > > Hi Sudheera. > > > > > > you can pass token as header or data[1] depending on your BE > > service is expect. > > > > > > get(url[, data][, headers][, type][, success(data, xhr)]) > > > > > > [1] http://jaggeryjs.org/apidocs/get.jag > > > > > > > > > > > > On Tue, Jan 21, 2014 at 10:22 AM, Sudheera Palihakkara > > <[email protected]> wrote: > > > > > > > > > > Hi madhuka, > > > > > > Yeah I'm referring to those, But I couldn't find any > > documentation about how to send the security parameters with > > the request. For example I have secured my data service with > > UsernameToken method[1], so in oder to invoke the service I > > have to send the username and the password with the request. > > How to send those parameters with jaggery GET or POST methods? > > > > [1] > > > > http://docs.wso2.org/display/DSS311/Security+Implementation#SecurityImplementation- > > 1UsernameToken > > > > > > thank you all. :) > > > > > > > > > > > > > > On Tue, Jan 21, 2014 at 10:13 AM, Madhuka Udantha > > <[email protected]> wrote: > > > > > > Hi Sudheera, > > > > > > To call REST service you can try "Http Client" define in > > jaggery, You can fine sample codes in jaggery > > documentation as well. > > > > > > > * get()[1] > > > > * post() [2] > > > > * put() [3] > > > > * del() [4] > > > > > > > > Thanks > > > > > > [1] http://jaggeryjs.org/apidocs/get.jag > > > > [2] http://jaggeryjs.org/apidocs/post.jag > > [3] http://jaggeryjs.org/apidocs/put.jag > > [4] http://jaggeryjs.org/apidocs/del.jag > > > > > > > > > > > > On Tue, Jan 21, 2014 at 9:47 AM, Sudheera Palihakkara > > <[email protected]> wrote: > > > > > > > > > > Hi, > > > > Thank you for the reply. Can we use the WSRequest > > object to invoke a REST resource defined in DSS? I > > have followed this blog post so far[1], and using http > > GET, POST, DELETE etc methods to invoke the REST > > resources. > > > > [1] > > http://blog.samisa.org/2014/01/rest-in-json-with-wso2-data- > > services.html > > > > > > thanks. > > > > > > > > > > > > > > On Mon, Jan 20, 2014 at 6:33 PM, Ruchira Wageesha > > <[email protected]> wrote: > > > > > > You can invoke the secured service using WSRequest > > object of Jaggery. Please refer the doc at [1]. > > Several sections of the article [2](written for > > mashup server), would also be helpful. > > > > > > /Ruchira > > > > > > > > [1] http://jaggeryjs.org/apidocs/ws.jag > > [2] > > http://ruchirawageesha.blogspot.com/2011/12/blog-post. > > html > > > > > > > > > > > > On Mon, Jan 20, 2014 at 4:06 PM, Sudheera > > Palihakkara <[email protected]> wrote: > > > > > > > > > > > > > > Hi, > > > > > > I have exposed a data service as a REST > > resource and coded a Jaggery client for the > > service. Now I want to secure this service, > > using DSS I have already secured the service > > with Username Token implementation, but I have > > no idea how to write a Jaggery client to go > > along with it. Is there are any documentation > > or blog posts written on this? > > > > > > Thank you. > > > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > > > > > > > -- > > > > Ruchira Wageesha > > Associate Technical Lead > > WSO2 Inc. - lean . enterprise . middleware | > > wso2.com > > > > email: [email protected], blog: > > ruchirawageesha.blogspot.com, mobile: +94 77 > > 5493444 > > > > > > > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > > > > > > > -- > > > > Madhuka Udantha > > > > Senior Software Engineer > > Development Technologies > > WSO2 Inc. : http://wso2.com > > > > > > Mobile: +94774066336 > > Blog: http://madhukaudantha.blogspot.com/ > > > > > > > > > > > > > > > > > > -- > > > > Madhuka Udantha > > > > Senior Software Engineer > > Development Technologies > > WSO2 Inc. : http://wso2.com > > > > > > Mobile: +94774066336 > > Blog: http://madhukaudantha.blogspot.com/ > > > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > http://wso2.org/cgi-bin/mailman/listinfo/dev _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
