airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <thejaka.am...@gmail.com>
Subject Re: Accessing the REST service from JavaScript
Date Wed, 12 Jun 2013 04:48:23 GMT
Hi Viknes,

As discussed offline the reason for authentication failure is not getting
"Authorization" header to backend. We experienced that Firefox and Chrome
does
not allow user to set headers while IE allow user to set headers (Correct
me if I am wrong). Further [1] describes this restriction in detail.

It seems like due to security reasons some browsers does not allow user to
manipulate headers. Maybe other Javascript experts can give more feedback
to
solve this issue.

Further even though you disable security Airavata needs a user id to
operate on. Therefore we still require a user id in the request header.

[1] http://news.anarchy46.net/2012/06/refused-to-set-unsafe-header.html

Thanks
Amila


On Tue, Jun 11, 2013 at 11:42 PM, Viknes Balasubramanee <viknesb@msn.com>wrote:

> Hi All,
>
> I am trying to get the list of experiments in Airavata by accessing the
> Registry API REST service from a webapp. When I make an AJAX request from
> JavaScript, I get an error in the browser console(FireBug) stating "Access
> denied to restricted URI".  This is the URL that I am trying to hit
>
> http://localhost:8080/airavata-registry/api/experimentregistry/get/experimen
> ts/all . The URL works fine from the browser.
>
> 1. I have the basic authentication header set with the encoded username and
> password when I make the request. I have CORS enabled in jQuery. Yet, the
> request seems to fail.
> 2. In order to skip the authentication and try my request, I set the
> enabled
> parameter in authentication.xml to false. <authenticators enabled="false">.
> When I do so, I get the below exception if I try to connect to the registry
> from XBaya.
>
> org.apache.airavata.client.api.exception.AiravataAPIInvocationException:
> Error while initializing the Airavata API
>         at
>
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> :64)
>         at
>
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> :43)
>         at
>
> org.apache.airavata.xbaya.ui.dialogs.registry.RegistryWindow.getAiravataAPI(
> RegistryWindow.java:260)
> Caused by:
> org.apache.airavata.client.api.exception.AiravataAPIInvocationException:
> Error while initializing the Airavat
> a API
>         at
>
> org.apache.airavata.client.AiravataClient.initialize(AiravataClient.java:163
> )
>         at
>
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> :61)
>         ... 99 more
> Caused by: java.lang.RuntimeException: Failed : HTTP error code : 500
>         at
>
> org.apache.airavata.rest.client.ConfigurationResourceClient.getEventingURI(C
> onfigurationResourceClient.java:5
> 19)
>         at
>
> org.apache.airavata.rest.client.RegistryClient.getEventingServiceURI(Registr
> yClient.java:164)
>         at
>
> org.apache.airavata.client.AiravataClient.createConfig(AiravataClient.java:1
> 15)
>
> Please let me know if I am missing something here. For most of the GSOC
> projects, we are developing webapp and I believe this would play an
> important role.
>
> Thanks
> Viknes
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message