Cross domain with basic authentication

Feb 19, 2012 at 8:00 AM

Hi guys,

I have wcf odata service protected by basic authentication sitting on a domain different then my web application.  I have username and password and it's part of the request already.

OData.defaultHttpClient.enableJsonpCallback = true;
OData.read({ requestUri: 'http://mydomain.com/MyService.svc/Project(166)', user: 'myuser', password: 'mypwd'},
function(data){
// ok, process data
},
function(error){
// process error
});

Based on fiddler, the first request goes without Authorization token, only the second request has it.

How can I suppress default browser login dialog?

Thanks

Feb 22, 2012 at 1:10 AM

Hi Dan,

   Authentication is not supported by JSONP because in the end it is made up of a bunch of GET requests using <script> tags ... hence there is no place to send user and password data.   That's why you see in fiddler that the first request doesn't have an authorization token with it...   For what you mention about supressing the browsers' loding dialog, i don't thik you can do that from within javascript.. that dialog is generated by the browser itself and completely unaccessible to the javascript sandbox....

   If you want to avoid this behavior (which is due to the browser's same origin policy), you will probably want to use a proxy that is in the domain of the web app and have it relay the request with the authentication info to the desired endpoint.

Regards,

Alex Trigo.