Digest authentication with JavaScript
1,936 views
Skip to first unread message
Ganesh Ghongane
Oct 8, 2014, 2:38:55 AM10/8/14
to commcare-...@googlegroups.com
Hi all,
we are having issue while authenticating to FORM API using JavaScript, The digest authentication is failing with response code 401.
we are using the script from https://github.com/inorganik/digest-auth-request.
If anyone have any idea about how to authenticate for digest authentication with javaScript. please help us.
Thank you
ganesh
we are having issue while authenticating to FORM API using JavaScript, The digest authentication is failing with response code 401.
we are using the script from https://github.com/inorganik/digest-auth-request.
If anyone have any idea about how to authenticate for digest authentication with javaScript. please help us.
Thank you
ganesh
Cory Zue
Oct 8, 2014, 9:30:12 AM10/8/14
to commcare-developers
Hi Ganesh,
Others have also reported issues with digest authentication and javascript. Our current recommendation is to use Basic Auth instead. I believe others on this list have gotten that working.
Cory
--
---
You received this message because you are subscribed to the Google Groups "CommCare Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to commcare-develo...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Ganesh Ghongane
Oct 16, 2014, 2:48:44 AM10/16/14
to commcare-...@googlegroups.com
Hi,
I tried it with basic authentication but when I sent request server browser ask for login credentials which are I an sending with request as well.
I did some research on Google and i found below links
http://stackoverflow.com/questions/5507234/how-to-use-basic-auth-and-jquery-and-ajax
http://stackoverflow.com/questions/9859627/how-to-prevent-browser-to-invoke-basic-auth-popup-and-handle-401-error-using-jqu
I tried above solutions but still problem persists.
below is my script for the same
$('#importButton').click( function() {
var commCareFormURL = $('#url').val();
var commCarePassword = $('#password').val();
var commCareUserID = $('#user').val();
$.ajax({
type: "GET",
xhrFields:
{
withCredentials: true
},
dataType: "jsonp",
crossDomain: true,
url: commCareFormURL,
async: false,
headers: {
'Authorization': "Basic " + btoa(commCareUserID + ":" + commCarePassword)
},
success: function (jsonData) {
console.log(jsonData);
},
error: function (request, textStatus, errorThrown) {
console.log(request.responseText);
console.log(textStatus);
console.log(errorThrown);
}
});
});
any comment/suggestion, help would be much appreciated, Thanks
I tried it with basic authentication but when I sent request server browser ask for login credentials which are I an sending with request as well.
I did some research on Google and i found below links
http://stackoverflow.com/questions/5507234/how-to-use-basic-auth-and-jquery-and-ajax
http://stackoverflow.com/questions/9859627/how-to-prevent-browser-to-invoke-basic-auth-popup-and-handle-401-error-using-jqu
I tried above solutions but still problem persists.
below is my script for the same
$('#importButton').click( function() {
var commCareFormURL = $('#url').val();
var commCarePassword = $('#password').val();
var commCareUserID = $('#user').val();
$.ajax({
type: "GET",
xhrFields:
{
withCredentials: true
},
dataType: "jsonp",
crossDomain: true,
url: commCareFormURL,
async: false,
headers: {
'Authorization': "Basic " + btoa(commCareUserID + ":" + commCarePassword)
},
success: function (jsonData) {
console.log(jsonData);
},
error: function (request, textStatus, errorThrown) {
console.log(request.responseText);
console.log(textStatus);
console.log(errorThrown);
}
});
});
any comment/suggestion, help would be much appreciated, Thanks
To unsubscribe from this group and stop receiving emails from it, send an email to commcare-developers+unsub...@googlegroups.com.
Cory Zue
Oct 16, 2014, 10:16:52 AM10/16/14
to commcare-developers
Hi Ganesh,
Perhaps someone who was looking into this at https://groups.google.com/forum/#!topic/commcare-developers/iHgVHw3Em5A could respond more thoroughly.
However a few things you could try:
1. Does the script work against another basic auth endpoint?
2. Authenticate in pure javascript: http://stackoverflow.com/questions/491914/pure-javascript-code-for-http-basic-authentication
3. Try just passing in the username/password into the jquery call and respond to the challenge: http://stackoverflow.com/a/11960692
Cory
To unsubscribe from this group and stop receiving emails from it, send an email to commcare-develo...@googlegroups.com.
Ganesh Ghongane
Oct 17, 2014, 5:51:27 AM10/17/14
to commcare-...@googlegroups.com
Hello again,
Thank you very much for such helpful reply.
I tested the script on other basic authentication end point and its working fine.
and the good news is now I am able to login at commcare server using script but unable to fetch the data, getting an error by browser
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://apps.dhis2.org/demo/api/validationRuleGroups. This can be fixed by moving the resource to the same domain or enabling CORS.
To resolve above error I did some search on Google and found out two solutions
(1) Use data type in ajax request as jsonp to get response. (with this setting I am getting null data in Objects list)
(2) Server side configuration for cross domain access. I think possibly at server side no configuration has done for cross domain access. (http://www.html5rocks.com/en/tutorials/cors/#toc-making-a-cors-reques ). http://stackoverflow.com/questions/9559947/cross-origin-authorization-header-with-jquery-ajax
Please verify that Is commcare server provide JSONP services? if not then Is it configured to provide cross-domain access.
any help or suggestion would be much appreciated.
Thanks.
Thank you very much for such helpful reply.
I tested the script on other basic authentication end point and its working fine.
and the good news is now I am able to login at commcare server using script but unable to fetch the data, getting an error by browser
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://apps.dhis2.org/demo/api/validationRuleGroups. This can be fixed by moving the resource to the same domain or enabling CORS.
To resolve above error I did some search on Google and found out two solutions
(1) Use data type in ajax request as jsonp to get response. (with this setting I am getting null data in Objects list)
(2) Server side configuration for cross domain access. I think possibly at server side no configuration has done for cross domain access. (http://www.html5rocks.com/en/tutorials/cors/#toc-making-a-cors-reques ). http://stackoverflow.com/questions/9559947/cross-origin-authorization-header-with-jquery-ajax
Please verify that Is commcare server provide JSONP services? if not then Is it configured to provide cross-domain access.
any help or suggestion would be much appreciated.
Thanks.
To unsubscribe from this group and stop receiving emails from it, send an email to commcare-developers+unsubscribe...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Simon Kelly
Oct 17, 2014, 9:35:19 AM10/17/14
to commcare-...@googlegroups.com
Hi Ganesh
We've implemented CORS support on our API's which should be deployed by tomorrow.
To unsubscribe from this group and stop receiving emails from it, send an email to commcare-develo...@googlegroups.com.
Simon Kelly
Senior Engineer | Dimagi South Africa
Ganesh Ghongane
Oct 20, 2014, 7:38:20 AM10/20/14
to commcare-...@googlegroups.com
Thank you...
Now, I'm successfully able to get data through my script.
Regards
Ganesh
Now, I'm successfully able to get data through my script.
Regards
Ganesh
Reply all
Reply to author
Forward
0 new messages