This question is locked. New answers and comments are not allowed.
Hi,
I have a web service which requires authentication on a Windows domain. To do so I provide basic authentication header into my AJAX request and it works, I receive a proper response. The response is in fact am HTML fragment that I then integrate into a div in my application screen. That is how I do it:
$.ajax({
type: "GET",
url: url,
beforeSend: function(xhr) {
xhr.setRequestHeader("Authorization", "Basic xxxxxxxxxxxxxxxxxxxxxxxxxx");
}
})
.done(function(data) {
$("#report1").html(data);
});
My issue is that the HTML fragment that is returned contains HTML resources from the same server that of course requires authentication too. When the application renders my HTML fragment, the external resources are missing. So my question is, how can I tell the rendering engine or the default HTTP client to use specific credentials to display HTML resources?
Thanks.
I have a web service which requires authentication on a Windows domain. To do so I provide basic authentication header into my AJAX request and it works, I receive a proper response. The response is in fact am HTML fragment that I then integrate into a div in my application screen. That is how I do it:
$.ajax({
type: "GET",
url: url,
beforeSend: function(xhr) {
xhr.setRequestHeader("Authorization", "Basic xxxxxxxxxxxxxxxxxxxxxxxxxx");
}
})
.done(function(data) {
$("#report1").html(data);
});
My issue is that the HTML fragment that is returned contains HTML resources from the same server that of course requires authentication too. When the application renders my HTML fragment, the external resources are missing. So my question is, how can I tell the rendering engine or the default HTTP client to use specific credentials to display HTML resources?
Thanks.
5 Answers, 1 is accepted
0
Hi Lionel,
All the best,
Jordan
the Telerik team
Share feedback and vote for features on our Feedback Portal.
Want some Kendo UI online training - head over to Pluralsight.
You may need to mark all your ajax request to remote host with credentials and as cross domain in jQuery.
$.ajax({
type: "GET",
url: url,
xhrFields: { withCredentials: true },
crossDomain: trueAll the best,
Jordan
the Telerik team
Share feedback and vote for features on our Feedback Portal.
Want some Kendo UI online training - head over to Pluralsight.
0
Lionel
Top achievements
Rank 1
Rank 1
answered on 07 Mar 2013, 01:00 PM
Hi Jordan,
I actually have no issue with the AJAX query. Last week I struggled on fixing the CORS and authentication issues which I was able to resolve by configuring my server.
Maybe I did not explained it well here, but my issue is that when I push the HTML fragment containing external resources into a div in my interface, the Cordova rendering engine will interpret the new piece of HTML and will fail loading external resource as they need authentication. My question was, is that possible to tell the rendering engine to use specific credentials when it attempt to retrieve external resources? We do have on control when retrieving resources with AJAX but not when the rendering engine does.
A workaround would be to analyze the HTML fragment and then cache the external resources locally. I was just wondering if there was a more straightforward solution.
I actually have no issue with the AJAX query. Last week I struggled on fixing the CORS and authentication issues which I was able to resolve by configuring my server.
Maybe I did not explained it well here, but my issue is that when I push the HTML fragment containing external resources into a div in my interface, the Cordova rendering engine will interpret the new piece of HTML and will fail loading external resource as they need authentication. My question was, is that possible to tell the rendering engine to use specific credentials when it attempt to retrieve external resources? We do have on control when retrieving resources with AJAX but not when the rendering engine does.
A workaround would be to analyze the HTML fragment and then cache the external resources locally. I was just wondering if there was a more straightforward solution.
0
Hi Lionel,
If this is not again applicable, please share some more info as why you chose basic auth and also your server environment OS, web server and technologies used to help me help you.
Kind regards,
Jordan
the Telerik team
Share feedback and vote for features on our Feedback Portal.
Want some Kendo UI online training - head over to Pluralsight.
I see you have some control on the server side.
Option 1. Is ti possible for your app to authenticate once and set a session cookie, then create handler on the resource folders to check for that authentication cookie.
Option 2. If your server is on HTTPS (and only then) use basic auth in URL like this:
https://user:secretpassword@example.com/resource/main.cssIf this is not again applicable, please share some more info as why you chose basic auth and also your server environment OS, web server and technologies used to help me help you.
Kind regards,
Jordan
the Telerik team
Share feedback and vote for features on our Feedback Portal.
Want some Kendo UI online training - head over to Pluralsight.
0
Lionel
Top achievements
Rank 1
Rank 1
answered on 11 Mar 2013, 09:47 AM
Hi Jordan, thanks for your reply.
I will try to implement your first option but I am not really sure how I could implement that in my app.
For the basic auth, I need to authenticate with a Windows domain user on a Windows Server 2008 R2. I am actually querying the SQL Sever Reporting Services web service which is running off a native customized IIS on which we have little control (not a regular IIS). The ideal would have been to authenticate with NTLM but I have no idea how to implement it with XHR.
I will try to implement your first option but I am not really sure how I could implement that in my app.
For the basic auth, I need to authenticate with a Windows domain user on a Windows Server 2008 R2. I am actually querying the SQL Sever Reporting Services web service which is running off a native customized IIS on which we have little control (not a regular IIS). The ideal would have been to authenticate with NTLM but I have no idea how to implement it with XHR.
0
Hi Lionel,
Can you check if EnableAuthPersistence is true in your report server configuration?
I hope it will make authenticate the resource request after the first ajax call with basic auth header.
All the best,
Jordan
the Telerik team
Share feedback and vote for features on our Feedback Portal.
Want some Kendo UI online training - head over to Pluralsight.
Can you check if EnableAuthPersistence is true in your report server configuration?
I hope it will make authenticate the resource request after the first ajax call with basic auth header.
All the best,
Jordan
the Telerik team
Share feedback and vote for features on our Feedback Portal.
Want some Kendo UI online training - head over to Pluralsight.