You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@stanbol.apache.org by Julien Villepoux <jv...@gmail.com> on 2013/11/07 13:32:59 UTC
Stanbol problem : access restricted ressource via Ajax
Hello, I use Stanbol for a project and I add this 3 bundles :
org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
org.apache.stanbol.commons.security.core : 0.12.0-snapshot
org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
The problem is that I can't access to access restricted resources with Ajax
request.
When I used Curl I get attended answer :
*Curl --user "admin:admin" –H "Accept :application/rdf+xml"
"http://localhost:8080/ <http://localhost:8080/>*
*user-management/users/bob/rolesCheckboxes"*
When I try to do the same thing with Ajax/Jquery*.*
*function getPwd(admin,passwd){ var l =
admin; var p = passwd; var
bytes = CryptoJS.enc.Utf8.parse(l + ":" + p); return
"Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
var pw = getPwd("admin","admin");
console.log(pw); var rdfdata $.ajax({
url : "http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
<http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
type : "GET", beforeSend: function (xhr)
{
xhr.setRequestHeader("Authorization",
pw); xhr.withCredentials = true;
}, dataType : "xml",
cache:false, async:false, success:
function(data){ console.warn("success");
}, error: function(xhr,ajaxOptions,thrownError){
console.error("Error !!!!"); } });*
We have this answer in Chrome :
Failed to load resource: Origin http://127.0.0.1 is not allowed by
Access-Control-Allow-Origin
http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
XMLHttpRequest cannot load
http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080.
Origin http://127.0.0.1 is not allowed by Access-Control-Allow-Origin.
And in FF:
Reload the page to get source for:
http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
We try to add this in UserResource.java in UserManagement bundle without
sucess :
* @OPTIONS @Path("users/*") public Response handleCorsPreflight(){
ResponseBuilder res = Response.ok(); //enableCORS(servletContext,res,
headers); res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Authorization");
res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
return res.build(); }*
I think, we need to add "Authorization" header in OPTIONS. But With the new
architecture We don't find how to do it. We seen the configuration point
for jersey [1] and try to add "authorization" header, but i think it's not
enough.
Thanks you for you help !
Julien VILLEPOUX
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Reto Gmür <re...@wymiwyg.com>.
Hi Furkan
Afaict CORS ist still missing in the trunk of Stanbol. I think it should be
added via a servlet filter.
Cheers,
Reto
On Fri, Apr 11, 2014 at 10:10 PM, Furkan KAMACI <fu...@gmail.com>wrote:
> Hi Julien;
>
> This is an old conversation but do you still need help with CORS?
>
> Thanks;
> Furkan KAMACI
> 21 Kas 2013 22:26 tarihinde "Reto Bachmann-Gmür" <re...@apache.org> yazdı:
>
> > Hi Julien
> >
> > Just about to leave for holidays. For CORS related question Rupert is
> more
> > competent than me, for the user manager Danny is the expert.
> >
> > Cheers,
> > Reto
> >
> >
> > On Thu, Nov 21, 2013 at 9:51 AM, Julien Villepoux <
> > jvillepoux.ooffee@gmail.com> wrote:
> >
> > > Hi Reto,
> > >
> > > Access by script from another host is what I try (and have to) achieve.
> > >
> > > Ajax script and Stanbol will not be on the same FQDN.
> > >
> > > That's why I try to add the CORS header (
> res.header("Access-Control-All
> > > ow-Origin", "*"); ) to options in the Users ressource : (@OPTIONS
> > > @Path("users/*") ).
> > >
> > > But this don't seems to work...
> > >
> > > As options is not set in the User resource, how this is actually
> managed
> > ?
> > >
> > > Thanks.
> > >
> > >
> > > 2013/11/19 Reto Bachmann-Gmür <re...@wymiwyg.com>
> > >
> > > > Hi Julien
> > > >
> > > > Sorry for the late reply. I see the error "Origin http://127.0.0.1is
> > > not
> > > > allowed by Access-Control-Allow-Origin." seems to be related to the
> > fact
> > > > that the script is trying to access another host than it is
> originating
> > > > from. Can't you deploy the document to the same host that you're
> > > accessing?
> > > > Ideally obsoleting any absolute URI in the script.
> > > >
> > > > Cheers,
> > > > Reto
> > > >
> > > >
> > > > On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
> > > > jvillepoux.ooffee@gmail.com> wrote:
> > > >
> > > > > Hi Reto !
> > > > > I understand too late that you were in Fusepool Workshop ... I was
> > > there
> > > > > too ...
> > > > >
> > > > > So as you told me... I change my ajax request like this :
> > > > >
> > > > > $.ajax({
> > > > > url : "
> > > > > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes",
> > > > > type : "GET",
> > > > > beforeSend: function (xhr) {
> > > > >
> > > > > xhr.setRequestHeader("Authorization", pw);
> > > > > xhr.withCredentials = true;
> > > > > },
> > > > > headers : {"Accept":"application/rdf+xml"},
> > > > > dataType : "xml",
> > > > > cache:false,
> > > > > async:false,
> > > > > success: function(data){
> > > > > console.warn("success");
> > > > > },
> > > > > error: function(xhr,ajaxOptions,thrownError){
> > > > > console.error("Error !!!!");
> > > > > }
> > > > > });
> > > > >
> > > > > The response is still not good.
> > > > >
> > > > >
> > > > >
> > > > > I could not understand why ?
> > > > > Do you have any idea ?
> > > > >
> > > > > Thanks you again.
> > > > > Julien VILLEPOUX
> > > > >
> > > > >
> > > > > 2013/11/13 Reto Bachmann-Gmür <re...@apache.org>
> > > > >
> > > > > > Hi Julien
> > > > > >
> > > > > > I see that with curl you're setting the accept header to rdf/xml
> > but
> > > > not
> > > > > > with the jquery client. Is this intentional?
> > > > > >
> > > > > > Cheers,
> > > > > > Reto
> > > > > >
> > > > > >
> > > > > > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > > > > > jvillepoux.ooffee@gmail.com> wrote:
> > > > > >
> > > > > > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > > > > > >
> > > > > > > org.apache.stanbol.commons.security.fexilwebconsole :
> > > 0.12.0-Snapshot
> > > > > > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > > > > > org.apache.stanbol.commons.security.usermanagement :
> > > 0.12.0-snapshot
> > > > > > >
> > > > > > > The problem is that I can't access to access restricted
> resources
> > > > with
> > > > > > Ajax
> > > > > > > request.
> > > > > > >
> > > > > > >
> > > > > > > When I used Curl I get attended answer :
> > > > > > >
> > > > > > > *Curl --user "admin:admin" -H "Accept :application/rdf+xml"
> > > > > > > "http://localhost:8080/ <http://localhost:8080/>*
> > > > > > > *user-management/users/bob/rolesCheckboxes"*
> > > > > > >
> > > > > > >
> > > > > > > When I try to do the same thing with Ajax/Jquery*.*
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > *function getPwd(admin,passwd){ var l =
> > > > > > > admin; var p = passwd;
> > > > > var
> > > > > > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > > > > > return
> > > > > > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes);
> }
> > > > > > > var pw = getPwd("admin","admin");
> > > > > > > console.log(pw); var rdfdata $.ajax({
> > > > > > > url : "
> > > > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > > > > > <
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > >",
> > > > > > > type : "GET", beforeSend: function (xhr)
> > > > > > > {
> > > > > > > xhr.setRequestHeader("Authorization",
> > > > > > > pw);
> xhr.withCredentials =
> > > > true;
> > > > > > > }, dataType :
> > "xml",
> > > > > > > cache:false, async:false,
> > > > > success:
> > > > > > > function(data){ console.warn("success");
> > > > > > > }, error:
> > function(xhr,ajaxOptions,thrownError){
> > > > > > > console.error("Error !!!!"); }
> > > > > });*
> > > > > > >
> > > > > > > We have this answer in Chrome :
> > > > > > > Failed to load resource: Origin http://127.0.0.1 is not
> allowed
> > by
> > > > > > > Access-Control-Allow-Origin
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > > > XMLHttpRequest cannot load
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > > > .
> > > > > > > Origin http://127.0.0.1 is not allowed by
> > > > Access-Control-Allow-Origin.
> > > > > > >
> > > > > > > And in FF:
> > > > > > >
> > > > > > > Reload the page to get source for:
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > > > > > >
> > > > > > > We try to add this in UserResource.java in UserManagement
> bundle
> > > > > without
> > > > > > > sucess :
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > * @OPTIONS @Path("users/*") public Response
> > > handleCorsPreflight(){
> > > > > > > ResponseBuilder res = Response.ok();
> > > > > > //enableCORS(servletContext,res,
> > > > > > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > > > > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > > > > > res.header("Access-Control-Allow-Methods", "GET, POST,
> OPTIONS");
> > > > > > > return res.build(); }*
> > > > > > >
> > > > > > > I think, we need to add "Authorization" header in OPTIONS. But
> > With
> > > > the
> > > > > > new
> > > > > > > architecture We don't find how to do it. We seen the
> > configuration
> > > > > point
> > > > > > > for jersey [1] and try to add "authorization" header, but i
> think
> > > > it's
> > > > > > not
> > > > > > > enough.
> > > > > > >
> > > > > > > Thanks you for you help !
> > > > > > > Julien VILLEPOUX
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Furkan KAMACI <fu...@gmail.com>.
Hi Julien;
This is an old conversation but do you still need help with CORS?
Thanks;
Furkan KAMACI
21 Kas 2013 22:26 tarihinde "Reto Bachmann-Gmür" <re...@apache.org> yazdı:
> Hi Julien
>
> Just about to leave for holidays. For CORS related question Rupert is more
> competent than me, for the user manager Danny is the expert.
>
> Cheers,
> Reto
>
>
> On Thu, Nov 21, 2013 at 9:51 AM, Julien Villepoux <
> jvillepoux.ooffee@gmail.com> wrote:
>
> > Hi Reto,
> >
> > Access by script from another host is what I try (and have to) achieve.
> >
> > Ajax script and Stanbol will not be on the same FQDN.
> >
> > That's why I try to add the CORS header ( res.header("Access-Control-All
> > ow-Origin", "*"); ) to options in the Users ressource : (@OPTIONS
> > @Path("users/*") ).
> >
> > But this don't seems to work...
> >
> > As options is not set in the User resource, how this is actually managed
> ?
> >
> > Thanks.
> >
> >
> > 2013/11/19 Reto Bachmann-Gmür <re...@wymiwyg.com>
> >
> > > Hi Julien
> > >
> > > Sorry for the late reply. I see the error "Origin http://127.0.0.1 is
> > not
> > > allowed by Access-Control-Allow-Origin." seems to be related to the
> fact
> > > that the script is trying to access another host than it is originating
> > > from. Can't you deploy the document to the same host that you're
> > accessing?
> > > Ideally obsoleting any absolute URI in the script.
> > >
> > > Cheers,
> > > Reto
> > >
> > >
> > > On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
> > > jvillepoux.ooffee@gmail.com> wrote:
> > >
> > > > Hi Reto !
> > > > I understand too late that you were in Fusepool Workshop ... I was
> > there
> > > > too ...
> > > >
> > > > So as you told me... I change my ajax request like this :
> > > >
> > > > $.ajax({
> > > > url : "
> > > > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes",
> > > > type : "GET",
> > > > beforeSend: function (xhr) {
> > > >
> > > > xhr.setRequestHeader("Authorization", pw);
> > > > xhr.withCredentials = true;
> > > > },
> > > > headers : {"Accept":"application/rdf+xml"},
> > > > dataType : "xml",
> > > > cache:false,
> > > > async:false,
> > > > success: function(data){
> > > > console.warn("success");
> > > > },
> > > > error: function(xhr,ajaxOptions,thrownError){
> > > > console.error("Error !!!!");
> > > > }
> > > > });
> > > >
> > > > The response is still not good.
> > > >
> > > >
> > > >
> > > > I could not understand why ?
> > > > Do you have any idea ?
> > > >
> > > > Thanks you again.
> > > > Julien VILLEPOUX
> > > >
> > > >
> > > > 2013/11/13 Reto Bachmann-Gmür <re...@apache.org>
> > > >
> > > > > Hi Julien
> > > > >
> > > > > I see that with curl you're setting the accept header to rdf/xml
> but
> > > not
> > > > > with the jquery client. Is this intentional?
> > > > >
> > > > > Cheers,
> > > > > Reto
> > > > >
> > > > >
> > > > > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > > > > jvillepoux.ooffee@gmail.com> wrote:
> > > > >
> > > > > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > > > > >
> > > > > > org.apache.stanbol.commons.security.fexilwebconsole :
> > 0.12.0-Snapshot
> > > > > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > > > > org.apache.stanbol.commons.security.usermanagement :
> > 0.12.0-snapshot
> > > > > >
> > > > > > The problem is that I can't access to access restricted resources
> > > with
> > > > > Ajax
> > > > > > request.
> > > > > >
> > > > > >
> > > > > > When I used Curl I get attended answer :
> > > > > >
> > > > > > *Curl --user "admin:admin" -H "Accept :application/rdf+xml"
> > > > > > "http://localhost:8080/ <http://localhost:8080/>*
> > > > > > *user-management/users/bob/rolesCheckboxes"*
> > > > > >
> > > > > >
> > > > > > When I try to do the same thing with Ajax/Jquery*.*
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > *function getPwd(admin,passwd){ var l =
> > > > > > admin; var p = passwd;
> > > > var
> > > > > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > > > > return
> > > > > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > > > > > var pw = getPwd("admin","admin");
> > > > > > console.log(pw); var rdfdata $.ajax({
> > > > > > url : "
> > > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > > > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > >",
> > > > > > type : "GET", beforeSend: function (xhr)
> > > > > > {
> > > > > > xhr.setRequestHeader("Authorization",
> > > > > > pw); xhr.withCredentials =
> > > true;
> > > > > > }, dataType :
> "xml",
> > > > > > cache:false, async:false,
> > > > success:
> > > > > > function(data){ console.warn("success");
> > > > > > }, error:
> function(xhr,ajaxOptions,thrownError){
> > > > > > console.error("Error !!!!"); }
> > > > });*
> > > > > >
> > > > > > We have this answer in Chrome :
> > > > > > Failed to load resource: Origin http://127.0.0.1 is not allowed
> by
> > > > > > Access-Control-Allow-Origin
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > > XMLHttpRequest cannot load
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > > .
> > > > > > Origin http://127.0.0.1 is not allowed by
> > > Access-Control-Allow-Origin.
> > > > > >
> > > > > > And in FF:
> > > > > >
> > > > > > Reload the page to get source for:
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > > > > >
> > > > > > We try to add this in UserResource.java in UserManagement bundle
> > > > without
> > > > > > sucess :
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > * @OPTIONS @Path("users/*") public Response
> > handleCorsPreflight(){
> > > > > > ResponseBuilder res = Response.ok();
> > > > > //enableCORS(servletContext,res,
> > > > > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > > > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > > > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > > > > > return res.build(); }*
> > > > > >
> > > > > > I think, we need to add "Authorization" header in OPTIONS. But
> With
> > > the
> > > > > new
> > > > > > architecture We don't find how to do it. We seen the
> configuration
> > > > point
> > > > > > for jersey [1] and try to add "authorization" header, but i think
> > > it's
> > > > > not
> > > > > > enough.
> > > > > >
> > > > > > Thanks you for you help !
> > > > > > Julien VILLEPOUX
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Reto Bachmann-Gmür <re...@apache.org>.
Hi Julien
Just about to leave for holidays. For CORS related question Rupert is more
competent than me, for the user manager Danny is the expert.
Cheers,
Reto
On Thu, Nov 21, 2013 at 9:51 AM, Julien Villepoux <
jvillepoux.ooffee@gmail.com> wrote:
> Hi Reto,
>
> Access by script from another host is what I try (and have to) achieve.
>
> Ajax script and Stanbol will not be on the same FQDN.
>
> That's why I try to add the CORS header ( res.header("Access-Control-All
> ow-Origin", "*"); ) to options in the Users ressource : (@OPTIONS
> @Path("users/*") ).
>
> But this don't seems to work...
>
> As options is not set in the User resource, how this is actually managed ?
>
> Thanks.
>
>
> 2013/11/19 Reto Bachmann-Gmür <re...@wymiwyg.com>
>
> > Hi Julien
> >
> > Sorry for the late reply. I see the error "Origin http://127.0.0.1 is
> not
> > allowed by Access-Control-Allow-Origin." seems to be related to the fact
> > that the script is trying to access another host than it is originating
> > from. Can't you deploy the document to the same host that you're
> accessing?
> > Ideally obsoleting any absolute URI in the script.
> >
> > Cheers,
> > Reto
> >
> >
> > On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
> > jvillepoux.ooffee@gmail.com> wrote:
> >
> > > Hi Reto !
> > > I understand too late that you were in Fusepool Workshop ... I was
> there
> > > too ...
> > >
> > > So as you told me... I change my ajax request like this :
> > >
> > > $.ajax({
> > > url : "
> > > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes",
> > > type : "GET",
> > > beforeSend: function (xhr) {
> > >
> > > xhr.setRequestHeader("Authorization", pw);
> > > xhr.withCredentials = true;
> > > },
> > > headers : {"Accept":"application/rdf+xml"},
> > > dataType : "xml",
> > > cache:false,
> > > async:false,
> > > success: function(data){
> > > console.warn("success");
> > > },
> > > error: function(xhr,ajaxOptions,thrownError){
> > > console.error("Error !!!!");
> > > }
> > > });
> > >
> > > The response is still not good.
> > >
> > >
> > >
> > > I could not understand why ?
> > > Do you have any idea ?
> > >
> > > Thanks you again.
> > > Julien VILLEPOUX
> > >
> > >
> > > 2013/11/13 Reto Bachmann-Gmür <re...@apache.org>
> > >
> > > > Hi Julien
> > > >
> > > > I see that with curl you're setting the accept header to rdf/xml but
> > not
> > > > with the jquery client. Is this intentional?
> > > >
> > > > Cheers,
> > > > Reto
> > > >
> > > >
> > > > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > > > jvillepoux.ooffee@gmail.com> wrote:
> > > >
> > > > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > > > >
> > > > > org.apache.stanbol.commons.security.fexilwebconsole :
> 0.12.0-Snapshot
> > > > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > > > org.apache.stanbol.commons.security.usermanagement :
> 0.12.0-snapshot
> > > > >
> > > > > The problem is that I can't access to access restricted resources
> > with
> > > > Ajax
> > > > > request.
> > > > >
> > > > >
> > > > > When I used Curl I get attended answer :
> > > > >
> > > > > *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> > > > > "http://localhost:8080/ <http://localhost:8080/>*
> > > > > *user-management/users/bob/rolesCheckboxes"*
> > > > >
> > > > >
> > > > > When I try to do the same thing with Ajax/Jquery*.*
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > *function getPwd(admin,passwd){ var l =
> > > > > admin; var p = passwd;
> > > var
> > > > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > > > return
> > > > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > > > > var pw = getPwd("admin","admin");
> > > > > console.log(pw); var rdfdata $.ajax({
> > > > > url : "
> > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> >",
> > > > > type : "GET", beforeSend: function (xhr)
> > > > > {
> > > > > xhr.setRequestHeader("Authorization",
> > > > > pw); xhr.withCredentials =
> > true;
> > > > > }, dataType : "xml",
> > > > > cache:false, async:false,
> > > success:
> > > > > function(data){ console.warn("success");
> > > > > }, error: function(xhr,ajaxOptions,thrownError){
> > > > > console.error("Error !!!!"); }
> > > });*
> > > > >
> > > > > We have this answer in Chrome :
> > > > > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > > > > Access-Control-Allow-Origin
> > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > XMLHttpRequest cannot load
> > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > > .
> > > > > Origin http://127.0.0.1 is not allowed by
> > Access-Control-Allow-Origin.
> > > > >
> > > > > And in FF:
> > > > >
> > > > > Reload the page to get source for:
> > > > >
> > > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > > > >
> > > > > We try to add this in UserResource.java in UserManagement bundle
> > > without
> > > > > sucess :
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > * @OPTIONS @Path("users/*") public Response
> handleCorsPreflight(){
> > > > > ResponseBuilder res = Response.ok();
> > > > //enableCORS(servletContext,res,
> > > > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > > > > return res.build(); }*
> > > > >
> > > > > I think, we need to add "Authorization" header in OPTIONS. But With
> > the
> > > > new
> > > > > architecture We don't find how to do it. We seen the configuration
> > > point
> > > > > for jersey [1] and try to add "authorization" header, but i think
> > it's
> > > > not
> > > > > enough.
> > > > >
> > > > > Thanks you for you help !
> > > > > Julien VILLEPOUX
> > > > >
> > > >
> > >
> >
>
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Julien Villepoux <jv...@gmail.com>.
Hi Reto,
Access by script from another host is what I try (and have to) achieve.
Ajax script and Stanbol will not be on the same FQDN.
That's why I try to add the CORS header ( res.header("Access-Control-All
ow-Origin", "*"); ) to options in the Users ressource : (@OPTIONS
@Path("users/*") ).
But this don't seems to work...
As options is not set in the User resource, how this is actually managed ?
Thanks.
2013/11/19 Reto Bachmann-Gmür <re...@wymiwyg.com>
> Hi Julien
>
> Sorry for the late reply. I see the error "Origin http://127.0.0.1 is not
> allowed by Access-Control-Allow-Origin." seems to be related to the fact
> that the script is trying to access another host than it is originating
> from. Can't you deploy the document to the same host that you're accessing?
> Ideally obsoleting any absolute URI in the script.
>
> Cheers,
> Reto
>
>
> On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
> jvillepoux.ooffee@gmail.com> wrote:
>
> > Hi Reto !
> > I understand too late that you were in Fusepool Workshop ... I was there
> > too ...
> >
> > So as you told me... I change my ajax request like this :
> >
> > $.ajax({
> > url : "
> > http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes",
> > type : "GET",
> > beforeSend: function (xhr) {
> >
> > xhr.setRequestHeader("Authorization", pw);
> > xhr.withCredentials = true;
> > },
> > headers : {"Accept":"application/rdf+xml"},
> > dataType : "xml",
> > cache:false,
> > async:false,
> > success: function(data){
> > console.warn("success");
> > },
> > error: function(xhr,ajaxOptions,thrownError){
> > console.error("Error !!!!");
> > }
> > });
> >
> > The response is still not good.
> >
> >
> >
> > I could not understand why ?
> > Do you have any idea ?
> >
> > Thanks you again.
> > Julien VILLEPOUX
> >
> >
> > 2013/11/13 Reto Bachmann-Gmür <re...@apache.org>
> >
> > > Hi Julien
> > >
> > > I see that with curl you're setting the accept header to rdf/xml but
> not
> > > with the jquery client. Is this intentional?
> > >
> > > Cheers,
> > > Reto
> > >
> > >
> > > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > > jvillepoux.ooffee@gmail.com> wrote:
> > >
> > > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > > >
> > > > org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
> > > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > > org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
> > > >
> > > > The problem is that I can't access to access restricted resources
> with
> > > Ajax
> > > > request.
> > > >
> > > >
> > > > When I used Curl I get attended answer :
> > > >
> > > > *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> > > > "http://localhost:8080/ <http://localhost:8080/>*
> > > > *user-management/users/bob/rolesCheckboxes"*
> > > >
> > > >
> > > > When I try to do the same thing with Ajax/Jquery*.*
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > *function getPwd(admin,passwd){ var l =
> > > > admin; var p = passwd;
> > var
> > > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > > return
> > > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > > > var pw = getPwd("admin","admin");
> > > > console.log(pw); var rdfdata $.ajax({
> > > > url : "
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
> > > > type : "GET", beforeSend: function (xhr)
> > > > {
> > > > xhr.setRequestHeader("Authorization",
> > > > pw); xhr.withCredentials =
> true;
> > > > }, dataType : "xml",
> > > > cache:false, async:false,
> > success:
> > > > function(data){ console.warn("success");
> > > > }, error: function(xhr,ajaxOptions,thrownError){
> > > > console.error("Error !!!!"); }
> > });*
> > > >
> > > > We have this answer in Chrome :
> > > > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > > > Access-Control-Allow-Origin
> > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > XMLHttpRequest cannot load
> > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > > .
> > > > Origin http://127.0.0.1 is not allowed by
> Access-Control-Allow-Origin.
> > > >
> > > > And in FF:
> > > >
> > > > Reload the page to get source for:
> > > >
> > > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > > >
> > > > We try to add this in UserResource.java in UserManagement bundle
> > without
> > > > sucess :
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > * @OPTIONS @Path("users/*") public Response handleCorsPreflight(){
> > > > ResponseBuilder res = Response.ok();
> > > //enableCORS(servletContext,res,
> > > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > > > return res.build(); }*
> > > >
> > > > I think, we need to add "Authorization" header in OPTIONS. But With
> the
> > > new
> > > > architecture We don't find how to do it. We seen the configuration
> > point
> > > > for jersey [1] and try to add "authorization" header, but i think
> it's
> > > not
> > > > enough.
> > > >
> > > > Thanks you for you help !
> > > > Julien VILLEPOUX
> > > >
> > >
> >
>
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Reto Bachmann-Gmür <re...@wymiwyg.com>.
Hi Julien
Sorry for the late reply. I see the error "Origin http://127.0.0.1 is not
allowed by Access-Control-Allow-Origin." seems to be related to the fact
that the script is trying to access another host than it is originating
from. Can't you deploy the document to the same host that you're accessing?
Ideally obsoleting any absolute URI in the script.
Cheers,
Reto
On Fri, Nov 15, 2013 at 12:20 PM, Julien Villepoux <
jvillepoux.ooffee@gmail.com> wrote:
> Hi Reto !
> I understand too late that you were in Fusepool Workshop ... I was there
> too ...
>
> So as you told me... I change my ajax request like this :
>
> $.ajax({
> url : "
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes",
> type : "GET",
> beforeSend: function (xhr) {
>
> xhr.setRequestHeader("Authorization", pw);
> xhr.withCredentials = true;
> },
> headers : {"Accept":"application/rdf+xml"},
> dataType : "xml",
> cache:false,
> async:false,
> success: function(data){
> console.warn("success");
> },
> error: function(xhr,ajaxOptions,thrownError){
> console.error("Error !!!!");
> }
> });
>
> The response is still not good.
>
>
>
> I could not understand why ?
> Do you have any idea ?
>
> Thanks you again.
> Julien VILLEPOUX
>
>
> 2013/11/13 Reto Bachmann-Gmür <re...@apache.org>
>
> > Hi Julien
> >
> > I see that with curl you're setting the accept header to rdf/xml but not
> > with the jquery client. Is this intentional?
> >
> > Cheers,
> > Reto
> >
> >
> > On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> > jvillepoux.ooffee@gmail.com> wrote:
> >
> > > Hello, I use Stanbol for a project and I add this 3 bundles :
> > >
> > > org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
> > > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > > org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
> > >
> > > The problem is that I can't access to access restricted resources with
> > Ajax
> > > request.
> > >
> > >
> > > When I used Curl I get attended answer :
> > >
> > > *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> > > "http://localhost:8080/ <http://localhost:8080/>*
> > > *user-management/users/bob/rolesCheckboxes"*
> > >
> > >
> > > When I try to do the same thing with Ajax/Jquery*.*
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > *function getPwd(admin,passwd){ var l =
> > > admin; var p = passwd;
> var
> > > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> > return
> > > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > > var pw = getPwd("admin","admin");
> > > console.log(pw); var rdfdata $.ajax({
> > > url : "http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
> > > type : "GET", beforeSend: function (xhr)
> > > {
> > > xhr.setRequestHeader("Authorization",
> > > pw); xhr.withCredentials = true;
> > > }, dataType : "xml",
> > > cache:false, async:false,
> success:
> > > function(data){ console.warn("success");
> > > }, error: function(xhr,ajaxOptions,thrownError){
> > > console.error("Error !!!!"); }
> });*
> > >
> > > We have this answer in Chrome :
> > > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > > Access-Control-Allow-Origin
> > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > XMLHttpRequest cannot load
> > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > > .
> > > Origin http://127.0.0.1 is not allowed by Access-Control-Allow-Origin.
> > >
> > > And in FF:
> > >
> > > Reload the page to get source for:
> > >
> > >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> > >
> > > We try to add this in UserResource.java in UserManagement bundle
> without
> > > sucess :
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > * @OPTIONS @Path("users/*") public Response handleCorsPreflight(){
> > > ResponseBuilder res = Response.ok();
> > //enableCORS(servletContext,res,
> > > headers); res.header("Access-Control-Allow-Origin", "*");
> > > res.header("Access-Control-Allow-Headers", "Authorization");
> > > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > > return res.build(); }*
> > >
> > > I think, we need to add "Authorization" header in OPTIONS. But With the
> > new
> > > architecture We don't find how to do it. We seen the configuration
> point
> > > for jersey [1] and try to add "authorization" header, but i think it's
> > not
> > > enough.
> > >
> > > Thanks you for you help !
> > > Julien VILLEPOUX
> > >
> >
>
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Julien Villepoux <jv...@gmail.com>.
Hi Reto !
I understand too late that you were in Fusepool Workshop ... I was there
too ...
So as you told me... I change my ajax request like this :
$.ajax({
url : "
http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes",
type : "GET",
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", pw);
xhr.withCredentials = true;
},
headers : {"Accept":"application/rdf+xml"},
dataType : "xml",
cache:false,
async:false,
success: function(data){
console.warn("success");
},
error: function(xhr,ajaxOptions,thrownError){
console.error("Error !!!!");
}
});
The response is still not good.
I could not understand why ?
Do you have any idea ?
Thanks you again.
Julien VILLEPOUX
2013/11/13 Reto Bachmann-Gmür <re...@apache.org>
> Hi Julien
>
> I see that with curl you're setting the accept header to rdf/xml but not
> with the jquery client. Is this intentional?
>
> Cheers,
> Reto
>
>
> On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
> jvillepoux.ooffee@gmail.com> wrote:
>
> > Hello, I use Stanbol for a project and I add this 3 bundles :
> >
> > org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
> > org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> > org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
> >
> > The problem is that I can't access to access restricted resources with
> Ajax
> > request.
> >
> >
> > When I used Curl I get attended answer :
> >
> > *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> > "http://localhost:8080/ <http://localhost:8080/>*
> > *user-management/users/bob/rolesCheckboxes"*
> >
> >
> > When I try to do the same thing with Ajax/Jquery*.*
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > *function getPwd(admin,passwd){ var l =
> > admin; var p = passwd; var
> > bytes = CryptoJS.enc.Utf8.parse(l + ":" + p);
> return
> > "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> > var pw = getPwd("admin","admin");
> > console.log(pw); var rdfdata $.ajax({
> > url : "http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> > <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
> > type : "GET", beforeSend: function (xhr)
> > {
> > xhr.setRequestHeader("Authorization",
> > pw); xhr.withCredentials = true;
> > }, dataType : "xml",
> > cache:false, async:false, success:
> > function(data){ console.warn("success");
> > }, error: function(xhr,ajaxOptions,thrownError){
> > console.error("Error !!!!"); } });*
> >
> > We have this answer in Chrome :
> > Failed to load resource: Origin http://127.0.0.1 is not allowed by
> > Access-Control-Allow-Origin
> >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > XMLHttpRequest cannot load
> >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> > .
> > Origin http://127.0.0.1 is not allowed by Access-Control-Allow-Origin.
> >
> > And in FF:
> >
> > Reload the page to get source for:
> >
> >
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
> >
> > We try to add this in UserResource.java in UserManagement bundle without
> > sucess :
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > * @OPTIONS @Path("users/*") public Response handleCorsPreflight(){
> > ResponseBuilder res = Response.ok();
> //enableCORS(servletContext,res,
> > headers); res.header("Access-Control-Allow-Origin", "*");
> > res.header("Access-Control-Allow-Headers", "Authorization");
> > res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> > return res.build(); }*
> >
> > I think, we need to add "Authorization" header in OPTIONS. But With the
> new
> > architecture We don't find how to do it. We seen the configuration point
> > for jersey [1] and try to add "authorization" header, but i think it's
> not
> > enough.
> >
> > Thanks you for you help !
> > Julien VILLEPOUX
> >
>
Re: Stanbol problem : access restricted ressource via Ajax
Posted by Reto Bachmann-Gmür <re...@apache.org>.
Hi Julien
I see that with curl you're setting the accept header to rdf/xml but not
with the jquery client. Is this intentional?
Cheers,
Reto
On Thu, Nov 7, 2013 at 1:32 PM, Julien Villepoux <
jvillepoux.ooffee@gmail.com> wrote:
> Hello, I use Stanbol for a project and I add this 3 bundles :
>
> org.apache.stanbol.commons.security.fexilwebconsole : 0.12.0-Snapshot
> org.apache.stanbol.commons.security.core : 0.12.0-snapshot
> org.apache.stanbol.commons.security.usermanagement : 0.12.0-snapshot
>
> The problem is that I can't access to access restricted resources with Ajax
> request.
>
>
> When I used Curl I get attended answer :
>
> *Curl --user "admin:admin" –H "Accept :application/rdf+xml"
> "http://localhost:8080/ <http://localhost:8080/>*
> *user-management/users/bob/rolesCheckboxes"*
>
>
> When I try to do the same thing with Ajax/Jquery*.*
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *function getPwd(admin,passwd){ var l =
> admin; var p = passwd; var
> bytes = CryptoJS.enc.Utf8.parse(l + ":" + p); return
> "Basic "+ CryptoJS.enc.Base64.stringify(bytes); }
> var pw = getPwd("admin","admin");
> console.log(pw); var rdfdata $.ajax({
> url : "http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes
> <http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes>",
> type : "GET", beforeSend: function (xhr)
> {
> xhr.setRequestHeader("Authorization",
> pw); xhr.withCredentials = true;
> }, dataType : "xml",
> cache:false, async:false, success:
> function(data){ console.warn("success");
> }, error: function(xhr,ajaxOptions,thrownError){
> console.error("Error !!!!"); } });*
>
> We have this answer in Chrome :
> Failed to load resource: Origin http://127.0.0.1 is not allowed by
> Access-Control-Allow-Origin
>
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> XMLHttpRequest cannot load
>
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818544080
> .
> Origin http://127.0.0.1 is not allowed by Access-Control-Allow-Origin.
>
> And in FF:
>
> Reload the page to get source for:
>
> http://127.0.0.1:8080/user-management/users/bob/rolesCheckboxes?_=1383818621511
>
> We try to add this in UserResource.java in UserManagement bundle without
> sucess :
>
>
>
>
>
>
>
>
>
>
>
> * @OPTIONS @Path("users/*") public Response handleCorsPreflight(){
> ResponseBuilder res = Response.ok(); //enableCORS(servletContext,res,
> headers); res.header("Access-Control-Allow-Origin", "*");
> res.header("Access-Control-Allow-Headers", "Authorization");
> res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
> return res.build(); }*
>
> I think, we need to add "Authorization" header in OPTIONS. But With the new
> architecture We don't find how to do it. We seen the configuration point
> for jersey [1] and try to add "authorization" header, but i think it's not
> enough.
>
> Thanks you for you help !
> Julien VILLEPOUX
>