This problem basically breaks down into two pieces:
- support for CORS [1]: i.e. connect from host A to an EAP instance on host B
- a top of CORS: properly support the current HTTP authentication mechanism
The patch that Harald did submit, deals with CORS support in general, but leaves us with
the authentication problem. Some browsers do not reveal this problem (like FF), because
they don't correctly implement the CORS spec and allow for credentials to be submitted
as part of the preflight requests. Others like recent Chrome browsers correctly implement
it and thus do not work.
In order to solve the authentication problem, we need to revisit the overall HTTP
authentication for the management layer. But speaking to Darran I can say that this is
planned and I hope that we can positively influence the discussion to make these use cases
work.
Regards, Heiko
[1]
http://www.w3.org/TR/cors/
On Apr 9, 2013, at 1:01 PM, Max Rydahl Andersen <manderse(a)redhat.com> wrote:
This is cool - how does the authentication work/not work ?
Found this on github:
"It requires a patched AS7 instance if not running on the same host.
Some browsers require extra steps to get the authentication working, but Firefox should
work out of the box."
http://haraldpehl.blogspot.de/2013/03/independent-jboss-admin-console.html explains it a
bit but
what is the patch needed for AS7 and with all these quirks do you think we can make it
portable/usable for writing a webapp that connects remotely ?
/max
On Tue, Apr 09, 2013 at 08:11:59AM +0200, Heiko Braun wrote:
> Here's a code sample:
>
>
> <script>
> // access EC2 demo instance
> http = new XMLHttpRequest();
> http.withCredentials = true;
> http.open("POST",
"http://as7-preview.dyndns.org:9990/management", true);
>
> // async response handler
> http.onreadystatechange =function()
> {
> if (http.readyState==4 && http.status==200)
> {
> // decode response
> response = dmr.ModelNode.fromBase64(http.responseText);
> alert(response.get("result").asString());
> }
> }
>
> // content type headers for DMR API
> http.setRequestHeader("Content-type","application/dmr-encoded");
> http.setRequestHeader("Accept","application/dmr-encoded");
>
> // create an operation
> op = new dmr.ModelNode();
> op.get("operation").set("read-attribute");
> op.get("address").setEmptyList();
> op.get("name").set("release-version");
>
> // send as base64 encoded
> http.send(op.toBase64String());
>
> </script>
>
>
> On Apr 8, 2013, at 1:20 PM, Heiko Braun <hbraun(a)redhat.com> wrote:
>
>>
>>
>> If you want to use the DMR API form plain JS and need all the typing build in,
the dmr.js might be your friend:
>>
>>
https://github.com/hal/dmr.js
>>
>>
>> Regards, Heiko
>> _______________________________________________
>> jboss-as7-dev mailing list
>> jboss-as7-dev(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
> _______________________________________________
> jboss-as7-dev mailing list
> jboss-as7-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev