0

I know that the issue already was discussed a lot. I went through the whole bunch of other SO's questions, but still has no solution.

My test case is very simple.

Requirements

  • I need to get authorised on httpbin.org site from my local server (localhost:63342). Basically I use http://httpbin.org/basic-auth/user/passwd to test HTTP Basic Auth.
  • I test Basic HTTP Authentication via jQuery.ajax function using GET request.
  • I need to get this done using exactly REST because actually my real goal is to get authorised via REST API request on teamcity's server which uses GET requests.

What I have done so far

Actually I tried enourmous things (worked with headers(Access-Control-Allow-Credentials, Access-Control-Allow-Origin), tried to use beforeSend function, dealt with jsonP, etc). No luck.

<html>
<head>
    <script src="./jquery-1.11.0.js"></script>
</head>
<body>
<div id="target">
    Click here
</div>
<script>
$("#target").click(function() {
    var username = 'user';
    var password = 'passwd';

    $.ajax({
        type: "GET",
        beforeSend: function (xhr) {
            xhr.withCredentials = true;
            xhr.setRequestHeader("Authorization", "Basic " + btoa(username + ":" + password));
        },

        // I know, this one is redundant
        xhrFields: { withCredentials: true },
        crossDomain: true,
        headers: { 'Access-Control-Allow-Credentials': true },
        headers: { 'Access-Control-Allow-Origin': '*' },
        // this one is redundant too
        headers: { 'Authorization': "Basic " + btoa(username + ":" + password) },
        //contentType: "application/json; charset=utf-8",
        dataType: 'jsonp',
        url: "http://httpbin.org/basic-auth/user/passwd",

        success: function(data, textStatus, jqXHR){
            alert('success');
        },

        error: function(jqXHR, textStatus, errorThrown ) {
            alert('failure');
        },

        // I don't know if I have to write it directly or not
        username: 'user',
        password: 'passwd'
    });
});
</script>
</body>
</html>

Results I get

During all my tests I got different results. The code above causes httpbin to show auth popup window to type credentials (it's weird because I send user/pass pair in headers). Another results I've got were: UNAUTHORIZED status (which is quite understandable), "error" error message (which is meaninless), etc...

Experts of jQuery and cross-domain requesting, please help to figure out what should be done here.

P.S. I know this is highly related to CORS issue, but I tried to set Access-Control-Allow-Origin in different ways without any success.

Update:

Actually my initial goal is to be able to invoke CI job from JS code (TeamCity job via REST API using Basic HTTP AUthentication).

So, for TeamCity I believe there is a bug there (in REST API Plugin) - anyone who is interested in, please track the issue TeamCity's REST API Plugin doesn't allow to authenticate using Basic HTTP Authentication

Regarding httpbin.org - test is invalid at all.

Thanks a lot!

Sergei Danielian
  • 4,938
  • 4
  • 36
  • 58
  • 1
    You're making a JSONP request, but the URL doesn't respond to JSONP. Making a standard AJAX request doesn't seem to work either. It's not set up for CORS. In the sample you're trying to add the CORS header, but it needs to be added by the server on the response. The browser needs to see that from the server before it'll let the request go through. – Anthony Chu Feb 15 '14 at 06:00
  • The authentication seems to work though as the server is responding with a 200 and `{ "authenticated": true, "user": "user" }` when calling with the username and password supplied above. – Anthony Chu Feb 15 '14 at 06:04
  • Hi Anthony. Thanks for answers. So, there is no way to do this without touching the dest. server? I mean, I can't alter dest server's CORS settings. – Sergei Danielian Feb 15 '14 at 06:17
  • @AnthonyChu The website allows requests from other domains (CORS) because it sends Access-Control-Allow-Origin:* in its response header. – advncd Feb 15 '14 at 08:36

0 Answers0