airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Supun Kamburugamuva <supu...@gmail.com>
Subject Re: Accessing the REST service from JavaScript
Date Wed, 12 Jun 2013 12:28:04 GMT
You can try proxying all your requests through a HTTPD server. May be it
will help.

Thanks,
Supun..


On Wed, Jun 12, 2013 at 12:48 AM, Amila Jayasekara
<thejaka.amila@gmail.com>wrote:

> Hi Viknes,
>
> As discussed offline the reason for authentication failure is not getting
> "Authorization" header to backend. We experienced that Firefox and Chrome
> does
> not allow user to set headers while IE allow user to set headers (Correct
> me if I am wrong). Further [1] describes this restriction in detail.
>
> It seems like due to security reasons some browsers does not allow user to
> manipulate headers. Maybe other Javascript experts can give more feedback
> to
> solve this issue.
>
> Further even though you disable security Airavata needs a user id to
> operate on. Therefore we still require a user id in the request header.
>
> [1] http://news.anarchy46.net/2012/06/refused-to-set-unsafe-header.html
>
> Thanks
> Amila
>
>
> On Tue, Jun 11, 2013 at 11:42 PM, Viknes Balasubramanee <viknesb@msn.com
> >wrote:
>
> > Hi All,
> >
> > I am trying to get the list of experiments in Airavata by accessing the
> > Registry API REST service from a webapp. When I make an AJAX request from
> > JavaScript, I get an error in the browser console(FireBug) stating
> "Access
> > denied to restricted URI".  This is the URL that I am trying to hit
> >
> >
> http://localhost:8080/airavata-registry/api/experimentregistry/get/experimen
> > ts/all . The URL works fine from the browser.
> >
> > 1. I have the basic authentication header set with the encoded username
> and
> > password when I make the request. I have CORS enabled in jQuery. Yet, the
> > request seems to fail.
> > 2. In order to skip the authentication and try my request, I set the
> > enabled
> > parameter in authentication.xml to false. <authenticators
> enabled="false">.
> > When I do so, I get the below exception if I try to connect to the
> registry
> > from XBaya.
> >
> > org.apache.airavata.client.api.exception.AiravataAPIInvocationException:
> > Error while initializing the Airavata API
> >         at
> >
> >
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> > :64)
> >         at
> >
> >
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> > :43)
> >         at
> >
> >
> org.apache.airavata.xbaya.ui.dialogs.registry.RegistryWindow.getAiravataAPI(
> > RegistryWindow.java:260)
> > Caused by:
> > org.apache.airavata.client.api.exception.AiravataAPIInvocationException:
> > Error while initializing the Airavat
> > a API
> >         at
> >
> >
> org.apache.airavata.client.AiravataClient.initialize(AiravataClient.java:163
> > )
> >         at
> >
> >
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> > :61)
> >         ... 99 more
> > Caused by: java.lang.RuntimeException: Failed : HTTP error code : 500
> >         at
> >
> >
> org.apache.airavata.rest.client.ConfigurationResourceClient.getEventingURI(C
> > onfigurationResourceClient.java:5
> > 19)
> >         at
> >
> >
> org.apache.airavata.rest.client.RegistryClient.getEventingServiceURI(Registr
> > yClient.java:164)
> >         at
> >
> >
> org.apache.airavata.client.AiravataClient.createConfig(AiravataClient.java:1
> > 15)
> >
> > Please let me know if I am missing something here. For most of the GSOC
> > projects, we are developing webapp and I believe this would play an
> > important role.
> >
> > Thanks
> > Viknes
> >
>



-- 
Supun Kamburugamuva
Member, Apache Software Foundation; http://www.apache.org
E-mail: supun06@gmail.com;  Mobile: +1 812 369 6762
Blog: http://supunk.blogspot.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message