I am trying to make a request to a rest service on another domain that requires HTTP basic authentication. I have control over that server to a certain degree.
For now on i am working on localhost using Intellij builtin server.
In production the situation will be similar. My web application (containing the ajax call) will communicate with this other rest service that is deployed on its own server. Although all of this is part of the infrastructure of the organization.
So far i have tried the following:
$.ajax({
url: "http://xxxxxxxx/extractor/api/suggest",
data: {projectId: "******", language: "en", searchString: "h"},
username: 'username',
password: 'password',
dataType: 'json',
//crossDomain: true,
beforeSend: function(req) {
req.setRequestHeader('Authorization', 'Basic ' + btoa('username:password'));
},
xhrFields: {
withCredentials: true
},
error: function( jqXHR, textStatus, errorThrown ) {
$("body").append(textStatus)
},
success: function( data, textStatus, jqXHR ) {
$("body").append(JSON.stringify(data.suggestedConcepts))
}
}
)
Note that i have set up jetbrain chrome extension to force cors (ACCESS-CONTROL-ALLOW-ORIGIN: ) for every addres (http:///*)
The request above return 401 Unauthorized.
When i remove
beforeSend: function(req) {
req.setRequestHeader('Authorization', 'Basic ' + btoa('superadmin:poolparty'));
},
The browser ask me for my credential once and never ask it again.Although i'm confident that "with credential" plays a role, cause if i remove it, even if i had entered my credential, it won't subsequently work.
Also, just for the context in case, the server is tomcat 6, and it use some spring security. This is what appears when i am asked to provide the credential.
I think i have tried almost eveything, expect from actually modifying the server to allow cors. But in any case java script should work with the setting of the browser. Beside this is only related to authentification problem not cross origin calls.
Aucun commentaire:
Enregistrer un commentaire