Return-Path: X-Original-To: apmail-airavata-dev-archive@www.apache.org Delivered-To: apmail-airavata-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5623410FCE for ; Wed, 12 Jun 2013 12:28:49 +0000 (UTC) Received: (qmail 68803 invoked by uid 500); 12 Jun 2013 12:28:49 -0000 Delivered-To: apmail-airavata-dev-archive@airavata.apache.org Received: (qmail 68707 invoked by uid 500); 12 Jun 2013 12:28:48 -0000 Mailing-List: contact dev-help@airavata.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@airavata.apache.org Delivered-To: mailing list dev@airavata.apache.org Received: (qmail 68699 invoked by uid 99); 12 Jun 2013 12:28:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Jun 2013 12:28:48 +0000 X-ASF-Spam-Status: No, hits=2.7 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_REPLY,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of supun06@gmail.com designates 209.85.223.171 as permitted sender) Received: from [209.85.223.171] (HELO mail-ie0-f171.google.com) (209.85.223.171) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Jun 2013 12:28:44 +0000 Received: by mail-ie0-f171.google.com with SMTP id qd12so8608492ieb.2 for ; Wed, 12 Jun 2013 05:28:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=fOEBuuhwS/9tiiX7MVi+B1GXiTD6RhLyjPo5uTSe6P8=; b=HwWTuknLe9z9gJRfZc9mjbGfUOdOAQ9sIjTfRs9UZMEoLI/FoOO1lq92bUnXsbMSVm gkp+szSnMaDGD3p9vFZzOs2+LeRe6tnGxogv+89CpfdCXOtATsJK7LSmazE8jTip3Jev AGTHuAbqTmiD5s/3MZIadCfg8t6HhIIwC+99kQfCtaIXto+yTd0LuDwzhSiu4sj2qbJk GbtZHYO8yuNs6lrN6Fm6dqIMVirgKUyQTRxvmnxO6o5Ls7PCKhSk8ziVDp6oilCcSU1x rocs21gYhYNYqXJqgRpZ0DKtaiID+0juR3tuwHEv37FIOrFEZYXCAtGT7+MKOPxLjN4M EXCw== X-Received: by 10.50.43.162 with SMTP id x2mr3100050igl.94.1371040104211; Wed, 12 Jun 2013 05:28:24 -0700 (PDT) MIME-Version: 1.0 Received: by 10.50.218.129 with HTTP; Wed, 12 Jun 2013 05:28:04 -0700 (PDT) In-Reply-To: References: From: Supun Kamburugamuva Date: Wed, 12 Jun 2013 08:28:04 -0400 Message-ID: Subject: Re: Accessing the REST service from JavaScript To: dev@airavata.apache.org Cc: viknesb@msn.com Content-Type: multipart/alternative; boundary=089e0103e4ce626d7004def42606 X-Virus-Checked: Checked by ClamAV on apache.org --089e0103e4ce626d7004def42606 Content-Type: text/plain; charset=ISO-8859-1 You can try proxying all your requests through a HTTPD server. May be it will help. Thanks, Supun.. On Wed, Jun 12, 2013 at 12:48 AM, Amila Jayasekara wrote: > Hi Viknes, > > As discussed offline the reason for authentication failure is not getting > "Authorization" header to backend. We experienced that Firefox and Chrome > does > not allow user to set headers while IE allow user to set headers (Correct > me if I am wrong). Further [1] describes this restriction in detail. > > It seems like due to security reasons some browsers does not allow user to > manipulate headers. Maybe other Javascript experts can give more feedback > to > solve this issue. > > Further even though you disable security Airavata needs a user id to > operate on. Therefore we still require a user id in the request header. > > [1] http://news.anarchy46.net/2012/06/refused-to-set-unsafe-header.html > > Thanks > Amila > > > On Tue, Jun 11, 2013 at 11:42 PM, Viknes Balasubramanee >wrote: > > > Hi All, > > > > I am trying to get the list of experiments in Airavata by accessing the > > Registry API REST service from a webapp. When I make an AJAX request from > > JavaScript, I get an error in the browser console(FireBug) stating > "Access > > denied to restricted URI". This is the URL that I am trying to hit > > > > > http://localhost:8080/airavata-registry/api/experimentregistry/get/experimen > > ts/all . The URL works fine from the browser. > > > > 1. I have the basic authentication header set with the encoded username > and > > password when I make the request. I have CORS enabled in jQuery. Yet, the > > request seems to fail. > > 2. In order to skip the authentication and try my request, I set the > > enabled > > parameter in authentication.xml to false. enabled="false">. > > When I do so, I get the below exception if I try to connect to the > registry > > from XBaya. > > > > org.apache.airavata.client.api.exception.AiravataAPIInvocationException: > > Error while initializing the Airavata API > > at > > > > > org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java > > :64) > > at > > > > > org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java > > :43) > > at > > > > > org.apache.airavata.xbaya.ui.dialogs.registry.RegistryWindow.getAiravataAPI( > > RegistryWindow.java:260) > > Caused by: > > org.apache.airavata.client.api.exception.AiravataAPIInvocationException: > > Error while initializing the Airavat > > a API > > at > > > > > org.apache.airavata.client.AiravataClient.initialize(AiravataClient.java:163 > > ) > > at > > > > > org.apache.airavata.client.AiravataAPIFactory.getAPI(AiravataAPIFactory.java > > :61) > > ... 99 more > > Caused by: java.lang.RuntimeException: Failed : HTTP error code : 500 > > at > > > > > org.apache.airavata.rest.client.ConfigurationResourceClient.getEventingURI(C > > onfigurationResourceClient.java:5 > > 19) > > at > > > > > org.apache.airavata.rest.client.RegistryClient.getEventingServiceURI(Registr > > yClient.java:164) > > at > > > > > org.apache.airavata.client.AiravataClient.createConfig(AiravataClient.java:1 > > 15) > > > > Please let me know if I am missing something here. For most of the GSOC > > projects, we are developing webapp and I believe this would play an > > important role. > > > > Thanks > > Viknes > > > -- Supun Kamburugamuva Member, Apache Software Foundation; http://www.apache.org E-mail: supun06@gmail.com; Mobile: +1 812 369 6762 Blog: http://supunk.blogspot.com --089e0103e4ce626d7004def42606--