airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <thejaka.am...@gmail.com>
Subject Re: Accessing the REST service from JavaScript
Date Wed, 12 Jun 2013 12:58:41 GMT
Hi Supun,

Didn't quite understand how HTTPD going to solve the issue. You meant to
(from browser) pass header in different format to HTTPD and set headers at
HTTPD server level ? If this is possible could you also point to a
reference ?

Thanks
Amila


On Wed, Jun 12, 2013 at 8:28 AM, Supun Kamburugamuva <supun06@gmail.com>wrote:

> You can try proxying all your requests through a HTTPD server. May be it
> will help.
>
> Thanks,
> Supun..
>
>
> On Wed, Jun 12, 2013 at 12:48 AM, Amila Jayasekara
> <thejaka.amila@gmail.com>wrote:
>
> > Hi Viknes,
> >
> > As discussed offline the reason for authentication failure is not getting
> > "Authorization" header to backend. We experienced that Firefox and Chrome
> > does
> > not allow user to set headers while IE allow user to set headers (Correct
> > me if I am wrong). Further [1] describes this restriction in detail.
> >
> > It seems like due to security reasons some browsers does not allow user
> to
> > manipulate headers. Maybe other Javascript experts can give more feedback
> > to
> > solve this issue.
> >
> > Further even though you disable security Airavata needs a user id to
> > operate on. Therefore we still require a user id in the request header.
> >
> > [1] http://news.anarchy46.net/2012/06/refused-to-set-unsafe-header.html
> >
> > Thanks
> > Amila
> >
> >
> > On Tue, Jun 11, 2013 at 11:42 PM, Viknes Balasubramanee <viknesb@msn.com
> > >wrote:
> >
> > > Hi All,
> > >
> > > I am trying to get the list of experiments in Airavata by accessing the
> > > Registry API REST service from a webapp. When I make an AJAX request
> from
> > > JavaScript, I get an error in the browser console(FireBug) stating
> > "Access
> > > denied to restricted URI".  This is the URL that I am trying to hit
> > >
> > >
> >
> http://localhost:8080/airavata-registry/api/experimentregistry/get/experimen
> > > ts/all . The URL works fine from the browser.
> > >
> > > 1. I have the basic authentication header set with the encoded username
> > and
> > > password when I make the request. I have CORS enabled in jQuery. Yet,
> the
> > > request seems to fail.
> > > 2. In order to skip the authentication and try my request, I set the
> > > enabled
> > > parameter in authentication.xml to false. <authenticators
> > enabled="false">.
> > > When I do so, I get the below exception if I try to connect to the
> > registry
> > > from XBaya.
> > >
> > >
> org.apache.airavata.client.api.exception.AiravataAPIInvocationException:
> > > Error while initializing the Airavata API
> > >         at
> > >
> > >
> >
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> > > :64)
> > >         at
> > >
> > >
> >
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> > > :43)
> > >         at
> > >
> > >
> >
> org.apache.airavata.xbaya.ui.dialogs.registry.RegistryWindow.getAiravataAPI(
> > > RegistryWindow.java:260)
> > > Caused by:
> > >
> org.apache.airavata.client.api.exception.AiravataAPIInvocationException:
> > > Error while initializing the Airavat
> > > a API
> > >         at
> > >
> > >
> >
> org.apache.airavata.client.AiravataClient.initialize(AiravataClient.java:163
> > > )
> > >         at
> > >
> > >
> >
> org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java
> > > :61)
> > >         ... 99 more
> > > Caused by: java.lang.RuntimeException: Failed : HTTP error code : 500
> > >         at
> > >
> > >
> >
> org.apache.airavata.rest.client.ConfigurationResourceClient.getEventingURI(C
> > > onfigurationResourceClient.java:5
> > > 19)
> > >         at
> > >
> > >
> >
> org.apache.airavata.rest.client.RegistryClient.getEventingServiceURI(Registr
> > > yClient.java:164)
> > >         at
> > >
> > >
> >
> org.apache.airavata.client.AiravataClient.createConfig(AiravataClient.java:1
> > > 15)
> > >
> > > Please let me know if I am missing something here. For most of the GSOC
> > > projects, we are developing webapp and I believe this would play an
> > > important role.
> > >
> > > Thanks
> > > Viknes
> > >
> >
>
>
>
> --
> Supun Kamburugamuva
> Member, Apache Software Foundation; http://www.apache.org
> E-mail: supun06@gmail.com;  Mobile: +1 812 369 6762
> Blog: http://supunk.blogspot.com
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message