Hi Reto,
Access by script from another host is what I try (and have to) achieve.
Ajax script and Stanbol will not be on the same FQDN.
That's why I try to add the CORS header ( res.header("Access-Control-All
ow-Origin", "*"); ) to options in the Users ressource : (@OPTIONS
@Path("users/*") ).
But this don't seems to work...
As options is not set in the User resource, how this is actually managed ?
Thanks.
2013/11/19 Reto Bachmann-Gmür <[email protected]>
> Hi Julien
>
> Sorry for the late reply. I see the error "Origin http://127.0.0.1 is not
> allowed by Access-Control-Allow-Origin." seems to be related to the fact
> that the script is trying to access another host than it is originating
> from. Can't you deploy the document to the same host that you're accessing?
> Ideally obsoleting any absolute URI in the script.
>
> Cheers,
> Reto
>
>
> On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
> [email protected]> wrote:
>
> > Hi Reto !
> > I understand too late that you were in Fusepool Workshop ... I was there
> > too ...
> >
> > So as you told me... I change my ajax request like this :
> >
> > $.ajax({
> > url : "
> > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes";,
> > type : "GET",
> > beforeSend: function (xhr) {
> >
> > xhr.setRequestHeader("Authorization", pw);
> > xhr.withCredentials = true;
> > },
> > headers : {"Accept":"application/rdf+xml"},
> > dataType : "xml",
> > cache:false,
> > async:false,
> > success: function(data){
> > console.warn("success");
> > },
> > error: function(xhr,ajaxOptions,thrownError){
> > console.error("Error !!!!");
> > }
> > });
> >
> > The response is still not good.
> >
> >
> >
> > I could not understand why ?
> > Do you have any idea ?
> >
> > Thanks you again.
> > Julien VILLEPOUX
> >
> >
> > 2013/11/13 Reto Bachmann-Gmür <[email protected]>
> >
> > > Hi Julien
> > >
> > > I see that with curl you're setting the accept header to rdf/xml but
> not
> > > with the jquery client. Is this intentional?
> > >
> > > Cheers,
> > > Reto
> > >
> > >
> > > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > > [email protected]> wrote:
> > >
> > > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > > >
> > > > org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
> > > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > > org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
> > > >
> > > > The problem is that I can't access to access restricted resources
> with
> > > Ajax
> > > > request.
> > > >
> > > >
> > > > When I used Curl I get attended answer :
> > > >
> > > > *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> > > > "http://localhost:8080/ <http://localhost:8080/>*
> > > > *user-management/users/bob/rolesCheckboxes"*
> > > >
> > > >
> > > > When I try to do the same thing with Ajax/Jquery*.*
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > *function getPwd(admin,passwd){ var l =
> > > > admin; var p = passwd;
> > var
> > > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > > return
> > > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > > > var pw = getPwd("admin","admin");
> > > > console.log(pw); var rdfdata $.ajax({
> > > > url : "
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
> > > > type : "GET", beforeSend: function (xhr)
> > > > {
> > > > xhr.setRequestHeader("Authorization",
> > > > pw); xhr.withCredentials =
> true;
> > > > }, dataType : "xml",
> > > > cache:false, async:false,
> > success:
> > > > function(data){ console.warn("success");
> > > > }, error: function(xhr,ajaxOptions,thrownError){
> > > > console.error("Error !!!!"); }
> > });*
> > > >
> > > > We have this answer in Chrome :
> > > > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > > > Access-Control-Allow-Origin
> > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > XMLHttpRequest cannot load
> > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > .
> > > > Origin http://127.0.0.1 is not allowed by
> Access-Control-Allow-Origin.
> > > >
> > > > And in FF:
> > > >
> > > > Reload the page to get source for:
> > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > > >
> > > > We try to add this in UserResource.java in UserManagement bundle
> > without
> > > > sucess :
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > * @OPTIONS @Path("users/*") public Response handleCorsPreflight(){
> > > > ResponseBuilder res = Response.ok();
> > > //enableCORS(servletContext,res,
> > > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > > > return res.build(); }*
> > > >
> > > > I think, we need to add "Authorization" header in OPTIONS. But With
> the
> > > new
> > > > architecture We don't find how to do it. We seen the configuration
> > point
> > > > for jersey [1] and try to add "authorization" header, but i think
> it's
> > > not
> > > > enough.
> > > >
> > > > Thanks you for you help !
> > > > Julien VILLEPOUX
> > > >
> > >
> >
>
