[Melbourne-pm] Web auth meth
Mathew Robertson
mathew.robertson at netratings.com.au
Wed Sep 10 18:28:49 PDT 2008
> You'll get a lot better mileage if you use the last two optional
> arguments in the XmlHttpRequest open() method to specify username and
> password. Otherwise you'll find that you can't override Auth headers
> that the browser decides to set, at least for Basic Auth (I haven't
> tried it with Digest). I explore some of this issues in my RESTful Web
> Services
> <http://extjs.com/learn/Manual:RESTful_Web_Services#HTTP_Authentication>
> article on the ExtJS wiki.
We use a javascript soap client called "soapclient"... anyway, within
the code it says:
// Some WS implementations (i.e. BEA WebLogic Server 10.0 JAX-WS)
don't support Challenge/Response
// HTTP BASIC, so we send authorization headers in the first request
xmlHttp.setRequestHeader("Authorization", "Basic " +
SOAPClient._toBase64(SOAPClient.userName + ":" + SOAPClient.password));
So I guess this library has found that the two optional arguments dont
always do the right thing, as the server code doesn't work correctly...
cheers,
Mathew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/melbourne-pm/attachments/20080911/344ea765/attachment.html>
More information about the Melbourne-pm
mailing list