Hi Kambiz, Thanks a lot for your valuable suggestion and the pull request.
Since Jaggery's XMLHttpReuest object supports username/password, I think we can easily merge your code in master branch. /Ruchira On Wed, Jan 22, 2014 at 11:18 AM, Kambiz Darabi <dar...@m-creations.com>wrote: > Hi Samisa, > > this thread rang a bell with me and I found something in my personal > notes. > > The XMLHttpRequest spec's definition of xhr.open already contains a > username/password argument for basic auth [1]. > > And according to Mozilla's XHR browser compatibility chart [2], all > desktop browsers are compatible. > > It would be simple to add support for it to jaggery. > > I have created a DRAFT and COMPLETELY UNTESTED pull request [3] which > sketches the idea, but unfortunately, I don't have the time to implement > that feature myself. > > Cheers > > > Kambiz > > [1] http://www.w3.org/TR/XMLHttpRequest/#the-open%28%29-method > > [2] > https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest#Browser_Compatibility > > [3] https://github.com/wso2/jaggery/pull/72 > > Samisa Abeysinghe <sam...@wso2.com> wrote: > > > > Yes this is what I was looking for. Thanks for the information. And we > > should document this > > > > Thanks, > > Samisa... > > > > Samisa Abeysinghe > > > > Vice President Developer Evangelism > > > > WSO2 Inc. > > http://wso2.com > > > > On Tue, Jan 21, 2014 at 6:29 PM, Kambiz Darabi > > <dar...@m-creations.com> wrote: > > > > Hi Samisa, > > > > I hope I understand your use case. > > > > I have successfully called Basic Auth secured REST services by > > creating an > > Authorization header in the jaggery code and sending the GET > > request > > with that header. > > > > Quoting from > > > > http://en.wikipedia.org/wiki/Basic_access_authentication#Client_side > > > > you can see that you just have to create a string > > username:password > > (separated by a colon) and encode it in base64, then you add an > > HTTP > > 'Authorization' header to the request which contains > > > > "Basic" + base64_encode( username + ":" + password); > > > > Here is an example of a js implementation of base64 encoding (I > > don't > > know what the licence is): > > > > http://phpjs.org/functions/base64_encode/ > > > > > > Is this what you are looking for? > > > > I could also dig out some code, when I get back to the office, if > > that > > is necessary. > > > > HTH > > > > > > > > Kambiz Darabi > > -- > > m-creations gmbh > > Acker 2 > > 55116 Mainz > > Germany > > > > W: http://www.m-creations.com > > E: dar...@m-creations.com > > T: +49 6131 6224417 > > F: +49 6131 6224418 > > -- > > Registered Office: Mainz, HRB Mainz 7382 > > Managing Directors: Frank Pacholak, Kambiz Darabi > > > > > > > > > > Samisa Abeysinghe <sam...@wso2.com> wrote: > > > > > > Do we have a sample around this? We need one! > > > > > > Thanks, > > > Samisa... > > > > > > Samisa Abeysinghe > > > > > > Vice President Developer Evangelism > > > > > > WSO2 Inc. > > > http://wso2.com > > > > > > On Tue, Jan 21, 2014 at 10:43 AM, Madhuka Udantha > > <madh...@wso2.com> > > > wrote: > > > > > > Hi Sudheera. > > > > > > > > > you can pass token as header or data[1] depending on your BE > > > service is expect. > > > > > > > > > get(url[, data][, headers][, type][, success(data, xhr)]) > > > > > > > > > [1] http://jaggeryjs.org/apidocs/get.jag > > > > > > > > > > > > > > > > > > On Tue, Jan 21, 2014 at 10:22 AM, Sudheera Palihakkara > > > <sudhe...@wso2.com> wrote: > > > > > > > > > > > > > > > Hi madhuka, > > > > > > > > > Yeah I'm referring to those, But I couldn't find any > > > documentation about how to send the security parameters with > > > the request. For example I have secured my data service with > > > UsernameToken method[1], so in oder to invoke the service I > > > have to send the username and the password with the request. > > > How to send those parameters with jaggery GET or POST methods? > > > > > > [1] > > > > > > http://docs.wso2.org/display/DSS311/Security+Implementation#SecurityImplementation- > > > 1UsernameToken > > > > > > > > > thank you all. :) > > > > > > > > > > > > > > > > > > > > > On Tue, Jan 21, 2014 at 10:13 AM, Madhuka Udantha > > > <madh...@wso2.com> wrote: > > > > > > > > > Hi Sudheera, > > > > > > > > > To call REST service you can try "Http Client" define in > > > jaggery, You can fine sample codes in jaggery > > > documentation as well. > > > > > > > > > > > * get()[1] > > > > > > * post() [2] > > > > > > * put() [3] > > > > > > * del() [4] > > > > > > > > > > > > > Thanks > > > > > > > > > [1] http://jaggeryjs.org/apidocs/get.jag > > > > > > [2] http://jaggeryjs.org/apidocs/post.jag > > > [3] http://jaggeryjs.org/apidocs/put.jag > > > [4] http://jaggeryjs.org/apidocs/del.jag > > > > > > > > > > > > > > > > > > On Tue, Jan 21, 2014 at 9:47 AM, Sudheera Palihakkara > > > <sudhe...@wso2.com> wrote: > > > > > > > > > > > > > > > Hi, > > > > > > Thank you for the reply. Can we use the WSRequest > > > object to invoke a REST resource defined in DSS? I > > > have followed this blog post so far[1], and using http > > > GET, POST, DELETE etc methods to invoke the REST > > > resources. > > > > > > [1] > > > http://blog.samisa.org/2014/01/rest-in-json-with-wso2-data- > > > services.html > > > > > > > > > thanks. > > > > > > > > > > > > > > > > > > > > > On Mon, Jan 20, 2014 at 6:33 PM, Ruchira Wageesha > > > <ruch...@wso2.com> wrote: > > > > > > > > > You can invoke the secured service using WSRequest > > > object of Jaggery. Please refer the doc at [1]. > > > Several sections of the article [2](written for > > > mashup server), would also be helpful. > > > > > > > > > /Ruchira > > > > > > > > > > > > [1] http://jaggeryjs.org/apidocs/ws.jag > > > [2] > > > http://ruchirawageesha.blogspot.com/2011/12/blog-post. > > > html > > > > > > > > > > > > > > > > > > On Mon, Jan 20, 2014 at 4:06 PM, Sudheera > > > Palihakkara <sudhe...@wso2.com> wrote: > > > > > > > > > > > > > > > > > > > > > Hi, > > > > > > > > > I have exposed a data service as a REST > > > resource and coded a Jaggery client for the > > > service. Now I want to secure this service, > > > using DSS I have already secured the service > > > with Username Token implementation, but I have > > > no idea how to write a Jaggery client to go > > > along with it. Is there are any documentation > > > or blog posts written on this? > > > > > > > > > Thank you. > > > > > > > > > _______________________________________________ > > > Dev mailing list > > > Dev@wso2.org > > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > > > > > > > > > > > > > -- > > > > > > Ruchira Wageesha > > > Associate Technical Lead > > > WSO2 Inc. - lean . enterprise . middleware | > > > wso2.com > > > > > > email: ruch...@wso2.com, blog: > > > ruchirawageesha.blogspot.com, mobile: +94 77 > > > 5493444 > > > > > > > > > > > > > > > _______________________________________________ > > > Dev mailing list > > > Dev@wso2.org > > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > > > > > > > > > > > > > -- > > > > > > Madhuka Udantha > > > > > > Senior Software Engineer > > > Development Technologies > > > WSO2 Inc. : http://wso2.com > > > > > > > > > Mobile: +94774066336 > > > Blog: http://madhukaudantha.blogspot.com/ > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > Madhuka Udantha > > > > > > Senior Software Engineer > > > Development Technologies > > > WSO2 Inc. : http://wso2.com > > > > > > > > > Mobile: +94774066336 > > > Blog: http://madhukaudantha.blogspot.com/ > > > > > > > > > _______________________________________________ > > > Dev mailing list > > > Dev@wso2.org > > > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > > > > > > > > > > > _______________________________________________ > > > Dev mailing list > > > Dev@wso2.org > > > http://wso2.org/cgi-bin/mailman/listinfo/dev > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Ruchira Wageesha**Associate Technical Lead* *WSO2 Inc. - lean . enterprise . middleware | wso2.com <http://wso2.com>* *email: ruch...@wso2.com <ruch...@wso2.com>, blog: ruchirawageesha.blogspot.com <http://ruchirawageesha.blogspot.com>, mobile: +94 77 5493444*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
