3

When I call the any of the Sharepoint Webservices using Internet Explorer, the Browser ask me for credentials... but when I'm using Firefox or Chrome I get a "401 Unauthorized" error.

I'm writing a Firefox extension, so I need to know how to pass the credentials using JQuery....

 $.ajax({
    url: "http://sharepoint.xxxx.com/_vti_bin/search.asmx", 
    type: "POST",
    dataType: "xml",
    data: soapEnv,
    complete: processResult,
    contentType: "text/xml; charset=utf-8"
}); 

    $.ajax({
        url: "http://sharepoint.xxxx.com/_vti_bin/lists.asmx",
        beforeSend: function(xhr) {
            xhr.setRequestHeader("SOAPAction",
            "http://schemas.microsoft.com/sharepoint/soap/UpdateListItems");
        },
        type: "POST",
        dataType: "xml",
        data: soapEnv,
        complete: processResult,
        contentType: "text/xml; charset=utf-8"
    });
Dante López
  • 213
  • 3
  • 10
  • possible duplicate of [Status code = 0 when using xhrFields: { withCredentials: true } in jQuery $ajax call with Firefox](http://stackoverflow.com/questions/11269362/status-code-0-when-using-xhrfields-withcredentials-true-in-jquery-ajax) – Paul Sweatte Sep 22 '14 at 23:28
  • 1
    you are doing cross domain query that's why. Firefox has the security, in order for it to allow, at that server in IIS cross domain setting should be enabled, enabling cross-origin resource sharing on IIS7 If you want to access list data from different Sharepoint applications, other way is to use Search. – Nikunj Oct 09 '14 at 18:10
  • Try to add header to parameters like this: headers: { "Content-Type": "text/plain", 'Authorization': 'Basic ' + btoa('username:password'), }, – GuChil Nov 14 '18 at 08:04

1 Answers1

-1

You should be able to pass username/password by using something like this:

$.ajax({
    url: "http://sharepoint.xxxx.com/_vti_bin/search.asmx", 
    type: "POST",
    xhrFields: {
        withCredentials: true
    },
    dataType: "xml",
    data: soapEnv,
    complete: processResult,
    contentType: "text/xml; charset=utf-8"
    username: username,
    password: password,
    crossDomain: true
});

This call, using the xhrFields withCredentials: true and passing the username and password allow you to send these items with the rest of the call. Also, notice that crossDomain: true is used to tell jQuery to make any necessary changes to allow cross-domain calls.

Praxis Ashelin
  • 5,137
  • 2
  • 20
  • 46
imelgrat
  • 2,407
  • 1
  • 12
  • 17
  • 1
    Why one would pass username and password in JavaScript? – VJOY Oct 23 '17 at 05:52
  • Regarding Vijay's question, User/password posting might be necessary when using AJAX-only services. Obviously, plain-text posting should be avoided unless you're using SSL. Even so, it might be a good idea to send browser-encrypted/hashed password to provide another layer of security. – imelgrat Oct 23 '17 at 11:25