You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@flex.apache.org by Tonic <an...@hotmail.fr> on 2014/09/18 09:36:21 UTC
HTTP Service - Basic Authentication - Access Forbidden Error 401
Hi everybody,
I try to access Web Services on Tomcat, secure with basic authentication.
So, in my header request (as same as examples in web), I added an
Authentication property, with user and password encoded in base64, as
explain here :
http://www.robert-nemet.com/2011/10/soapui-http-authentications-part-one.html
This is code :
<?xml version="1.0" encoding="utf-8"?>
<s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"
xmlns:s="library://ns.adobe.com/flex/spark"
xmlns:mx="library://ns.adobe.com/flex/mx"
minWidth="955" minHeight="600"
xmlns:esri="http://www.esri.com/2008/ags"
creationComplete="application1_creationCompleteHandler(event)"
>
<fx:Script>
</fx:Script>
</s:Application>
When the service is launched, authentication popup appears, while the
request has been launched with authentication in header of request.
Have you got any idea of the problem ?
Thanks for your responses. :)
--
View this message in context: http://apache-flex-users.2333346.n4.nabble.com/HTTP-Service-Basic-Authentication-Access-Forbidden-Error-401-tp8064.html
Sent from the Apache Flex Users mailing list archive at Nabble.com.
Re: HTTP Service - Basic Authentication - Access Forbidden Error 401
Posted by Chris Martin <wi...@gmail.com>.
Hmm, okay, and the auth header is present based on your original email. I
think then if the auth header is send and you are still getting challenged,
then this means that the credentials may be incorrect. Can you decode the
auth header to see if the credentials are correct?
Chris
On Tue, Sep 23, 2014 at 12:20 AM, Tonic <an...@hotmail.fr> wrote:
> Hi Chris, thanks for your response :)
>
> I don't understand, I copy / past the script code, but its seems to be no
> appears in the post.
>
> This is the code in the Application :
>
> [code]
> protected function
> application1_creationCompleteHandler(event:FlexEvent):void
> {
> search('brest');
> }
>
> private function search(value : String):void
> {
> var url : String = "http://ip/services/"
> var urlLoader : URLLoader = new
> URLLoader();
> var request : URLRequest = new
> URLRequest(url);
> request.contentType = "application/json";
> request.data = new
> URLVariables("var1=toto&var2=tata");
> request.method = URLRequestMethod.POST;
>
> var encoder:Base64Encoder = new
> Base64Encoder();
> encoder.encode("user:pwd");
>
> var credsHeader:URLRequestHeader = new
> URLRequestHeader("Authorization",
> "Basic " + encoder.toString());
> request.requestHeaders.push(credsHeader);
>
> urlLoader.addEventListener(Event.COMPLETE,
> completeHandler);
>
> urlLoader.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
>
> urlLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR,
> securityErrorHandler);
> urlLoader.load(request);
> }
>
> private function log(value : String):void
> {
> trace(value);
> }
>
> protected function
> completeHandler(event:Event):void
> {
> log('completeHandler : '+event)
> }
>
> protected function
> securityErrorHandler(event:SecurityErrorEvent):void
> {
> log('securityErrorHandler : '+event)
> }
>
> protected function
> ioErrorHandler(event:IOErrorEvent):void
> {
> log('ioErrorHandler : '+event)
> }
> [/code]
>
> Thanks for your help.
>
>
>
> --
> View this message in context:
> http://apache-flex-users.2333346.n4.nabble.com/HTTP-Service-Basic-Authentication-Access-Forbidden-Error-401-tp8064p8101.html
> Sent from the Apache Flex Users mailing list archive at Nabble.com.
>
Re: HTTP Service - Basic Authentication - Access Forbidden Error
401
Posted by Tonic <an...@hotmail.fr>.
Hi Chris, thanks for your response :)
I don't understand, I copy / past the script code, but its seems to be no
appears in the post.
This is the code in the Application :
[code]
protected function
application1_creationCompleteHandler(event:FlexEvent):void
{
search('brest');
}
private function search(value : String):void
{
var url : String = "http://ip/services/"
var urlLoader : URLLoader = new URLLoader();
var request : URLRequest = new URLRequest(url);
request.contentType = "application/json";
request.data = new URLVariables("var1=toto&var2=tata");
request.method = URLRequestMethod.POST;
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode("user:pwd");
var credsHeader:URLRequestHeader = new URLRequestHeader("Authorization",
"Basic " + encoder.toString());
request.requestHeaders.push(credsHeader);
urlLoader.addEventListener(Event.COMPLETE, completeHandler);
urlLoader.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
urlLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR,
securityErrorHandler);
urlLoader.load(request);
}
private function log(value : String):void
{
trace(value);
}
protected function completeHandler(event:Event):void
{
log('completeHandler : '+event)
}
protected function securityErrorHandler(event:SecurityErrorEvent):void
{
log('securityErrorHandler : '+event)
}
protected function ioErrorHandler(event:IOErrorEvent):void
{
log('ioErrorHandler : '+event)
}
[/code]
Thanks for your help.
--
View this message in context: http://apache-flex-users.2333346.n4.nabble.com/HTTP-Service-Basic-Authentication-Access-Forbidden-Error-401-tp8064p8101.html
Sent from the Apache Flex Users mailing list archive at Nabble.com.
Re: HTTP Service - Basic Authentication - Access Forbidden Error 401
Posted by Chris Martin <wi...@gmail.com>.
Hey Tonic,
Do you happen to have the code where you build up your request? In the
above example we only have the empty application tag and script tag.
One thing to keep in mind when building authorization headers is that the
flash player only supports custom headers for POST requests. You cannot
supply authorization headers for GET requests. The headers get reset by
the flash player.
HTH, if not then please provide the code snip of the request being built up.
Regards,
Chris
On Thu, Sep 18, 2014 at 12:36 AM, Tonic <an...@hotmail.fr> wrote:
> Hi everybody,
>
> I try to access Web Services on Tomcat, secure with basic authentication.
>
> So, in my header request (as same as examples in web), I added an
> Authentication property, with user and password encoded in base64, as
> explain here :
>
>
> http://www.robert-nemet.com/2011/10/soapui-http-authentications-part-one.html
>
> This is code :
>
>
> <?xml version="1.0" encoding="utf-8"?>
> <s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"
> xmlns:s="library://ns.adobe.com/flex/spark"
> xmlns:mx="library://ns.adobe.com/flex/mx"
> minWidth="955" minHeight="600"
> xmlns:esri="http://www.esri.com/2008/ags"
>
> creationComplete="application1_creationCompleteHandler(event)"
> >
>
> <fx:Script>
>
> </fx:Script>
> </s:Application>
>
>
> When the service is launched, authentication popup appears, while the
> request has been launched with authentication in header of request.
>
> Have you got any idea of the problem ?
>
> Thanks for your responses. :)
>
>
>
> --
> View this message in context:
> http://apache-flex-users.2333346.n4.nabble.com/HTTP-Service-Basic-Authentication-Access-Forbidden-Error-401-tp8064.html
> Sent from the Apache Flex Users mailing list archive at Nabble.com.
>