There is web-raw service Web1 which returns html page with Frame.
Each of frames, for creation of the part html pages,
calls the web-raw services (Web2, Web3).
All three web-services (Web1, Web2, Web3) demand authorisation.
There are three Stored Procedure (TestWeb1, TestWeb2, TestWeb3) which
form
html pages for corresponding web-services.
There is user UserWeb1 to whom the rights to these SP are granted.
The SQL-script for check is in the letter end.
I start Web a browser (SeaMonkey, IE) and in address string i type:
http://mysite/Web1
In the appeared window of a login, i enter the user name "UserWeb1" and
its
password "123".
After that in a browser i is displayed html page.
But in 50 % of cases, in top frame or in the bottom frame, instead of
the
corresponding parts html pages, the error "401 Authorization Required"
is
displayed.
If from this frame in the menu to select the item "Refresh Frame", then
html
The page will be displayed normally.
That is it turns out, that authorisation of the user for separate parts
the frame works not always correctly.
Question: What do i do incorrectly ?
=======================================================
CREATE PROCEDURE dba.TestWeb1()
result (html_document long varchar)
BEGIN
declare res long varchar;
set res = '<html>\n<head>\n';
set res = res || '<title>Test Frame Site</title>\n';
set res = res || '</head>\n';
set res = res || '<frameset rows="35%,65%">\n';
set res = res || '<frame name="where" src="/Web2">\n';
set res = res || '<frame name="select" src="/Web3">\n';
set res = res || '</frameset>\n';
set res = res || '</html>';
call dbo.sa_set_http_header('Content-Type', 'text/html;
charset=windows-1251');
call dbo.sa_set_http_header('Pragma', 'no-cache');
call dbo.sa_set_http_header('Cache-Control', 'no-cache');
select res;
END
go
CREATE PROCEDURE dba.TestWeb2()
result (html_document long varchar)
BEGIN
declare res long varchar;
set res = '<html>\n<head>\n';
set res = res || '</head>\n<body>\n';
set res = res || 'Russian Text Top Frame\n';
set res = res || '</body>\n</html>';
call dbo.sa_set_http_header('Content-Type', 'text/html;
charset=windows-1251');
call dbo.sa_set_http_header('Pragma', 'no-cache');
call dbo.sa_set_http_header('Cache-Control', 'no-cache');
select res;
END
go
CREATE PROCEDURE dba.TestWeb3()
result (html_document long varchar)
BEGIN
declare res long varchar;
set res = '<html>\n<head>\n';
set res = res || '</head>\n<body>\n';
set res = res || 'Russian Text Bottom Frame\n';
set res = res || '</body>\n</html>';
call dbo.sa_set_http_header('Content-Type', 'text/html;
charset=windows-1251');
call dbo.sa_set_http_header('Pragma', 'no-cache');
call dbo.sa_set_http_header('Cache-Control', 'no-cache');
select res;
END
go
CREATE SERVICE "Web1" TYPE 'RAW' AUTHORIZATION ON AS call
dba.TestWeb1();
CREATE SERVICE "Web2" TYPE 'RAW' AUTHORIZATION ON AS call
dba.TestWeb2();
CREATE SERVICE "Web3" TYPE 'RAW' AUTHORIZATION ON AS call
dba.TestWeb3();
CREATE USER "UserWeb1" IDENTIFIED BY '123';
GRANT EXECUTE ON "DBA"."TestWeb1" TO "UserWeb1";
GRANT EXECUTE ON "DBA"."TestWeb2" TO "UserWeb1";
GRANT EXECUTE ON "DBA"."TestWeb3" TO "UserWeb1";
=======================================================
--
Best Regards, Stalker
Origin: The History is Dead
Possible solutions:
- switch to using a different browser :-)
- have web1 service set/return a cookie to the browser;
turn off authorization to web2 and web3 services;
change testweb2 and testweb3 procedures to check that a valid
cookie has been set - if not, return an error message (or nothing)
--
Mark Culp
SQLAnywhere Research and Development
iAnywhere Solutions Engineering
-------------------------------------------------------------------------
-- SQL Anywhere Blog Center - http://www.sybase.com/sqlanyblogs
-- SQL Anywhere Developer Community:
-- http://www.sybase.com/developer/library/sql-anywhere-techcorner
-------------------------------------------------------------------------
If it is possible, write please an example of operation with cookie on
the basis of my sql-script.
- cookie.sql contains:
http_cookie() routine that may be used to extract a cookie
from the data that is sent to the server from the browser
set_http_cookie() routine that may be used to set the Set-Cookie
header in the response from the server to the browser
cookie() procedure & 'cookie' web service example that illustrates
how to use the above two routines.
- session.sql contains similar code to cookie but also demostrates how
you would use cookies to use the session capability of the server.
- Mark
According to your advice, before starting to work with "Cookie", i have
changed a way authorisations for web-tools "Web2" and "Web3".
========
CREATE SERVICE "Web2" TYPE 'RAW' AUTHORIZATION OFF USER "UserWeb1" AS
call dba.TestWeb2();
CREATE SERVICE "Web3" TYPE 'RAW' AUTHORIZATION OFF USER "UserWeb1" AS
call dba.TestWeb3();
========
(The complete new SQL-script for check is in the letter end).
That is now at performance of web-services "Web2" and "Web3"
authorisation not
it is necessary also these web-services now are fulfilled from the user
name "UserWeb1".
I start Web a browser (SeaMonkey 1.1.12, IE 6.0 SP2, FireFox 3.0.3) and
in
to address string I type:
http://mysite/Web1
In the appeared window of a login, i enter the user name "UserWeb1" and
its
password "123".
After that in a browser i is displayed html page.
But in upper or in the lower frame, instead of the corresponding
parts html pages, the error "401 Authorization Required" is displayed.
If from this frame in the menu to select the item "Refresh Frame", then
html
the page will be displayed normally.
That is it turns out, what even after i have disabled necessity
authorisations of web-tools "Web2" and "Web3", all the same there is the
same
error.
Question: What do I do incorrectly ?
After all now web-services "Web2" and "Web3" should not demand
authorisation,
and should work simply from the user name "UserWeb1".
P.S. Sybase SA 11.0.0.1264
declare res long varchar;
select res;
END
go
declare res long varchar;
select res;
END
go
declare res long varchar;
select res;
END
go
CREATE USER "UserWeb1" IDENTIFIED BY '123';
GRANT EXECUTE ON "DBA"."TestWeb1" TO "UserWeb1";
GRANT EXECUTE ON "DBA"."TestWeb2" TO "UserWeb1";
GRANT EXECUTE ON "DBA"."TestWeb3" TO "UserWeb1";
CREATE SERVICE "Web1" TYPE 'RAW' AUTHORIZATION ON AS call
dba.TestWeb1();
CREATE SERVICE "Web2" TYPE 'RAW' AUTHORIZATION OFF USER "UserWeb1" AS
call dba.TestWeb2();
CREATE SERVICE "Web3" TYPE 'RAW' AUTHORIZATION OFF USER "UserWeb1" AS
call dba.TestWeb3();