Integrated Windows authentication using AJAX in an html page.

Richard M.
Richard M. used Ask the Experts™
on
I am trying to write a Javascript using AJAX to get and send the windows credentials to the server app for integrated windows authentication and have a web page returned that represents the roles of the user.  I am using red hat developer studio and wildfly 15.  I am tackling this one thing at a time.  The first step is to send the credentials.  This is what I have so far.  I am pretty new at developing, so I would appreciate any feedback.  I know I am missing the script tag to start it.  There are other things that are not relevant, so I did not include them.

var service_url = "http://192.168.20.200:8080"
$.ajax({
    type: "GET",
    url: service_url,
    dataType: "xml",
    data: "ParamId=" + FormId.value,
    processData: false,
    beforeSend : function(req) {
         req.setRequestHeader('Authorization',
               make_base_auth ('USERNAME', 'PASSWORD'));
    },
    error: function(XMLHttpRequest, textStatus, errorThrown) {  
         ajaxError(XMLHttpRequest, textStatus, errorThrown);
    },
    success: function(success); }
    function success()
    {<alert SUCCESS!> }
});
</script>
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
Hi Richard,

Looks like this is your first question - welcome to EE.


Just trying to understand what it is you are looking for?

Does your code not work?

Can you give us some more information about what you are expecting and what you are observing.
Richard M.Software Developer II

Author

Commented:
To tell you the truth, I have not been able to ascertain whether or not the code is working.  The beginning part of the script sets up some text and a button and tells the user to press the button to authenticate.  When I press the button, the success function does not seem to be working.  After some thought I realize I have not built the server app to handle the request yet, but I also am not getting an error message.  Is there a way to test whether or not my script is working?
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
Your script is setup to make an AJAX call to a server resource so there are two sides to this equation - a working solution is when both sides are doing what they are supposed to do.

Before looking at the AJAX side it is important to determine if your server code is working.

Your URL points to http://192.168.20.200:8080
That suggests that there is some code on the end of that link that is going to return some XML.

From your second post it sounds like you have jumped in the deep end so let's go back to the beginning.

Is this code you have written or did you copy it from somewhere?
What are you expecting it to do?
Would it be helpful to go through it line by line to break it down or are you ok with what it is doing?
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Richard M.Software Developer II

Author

Commented:
I think I have an understanding of what it is supposed to be doing.  I copied a bulk of the code, then changed it (hopefully correctly) for my environment.

I am expecting the code to get the windows credentials from the logged on user and then request the xml files with the auth information.

If that is not correct, I am happy to accept critiques, etc.
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
The JavaScript code has nothing to do with windows. All it is doing is calling a URL and then responding to the content returned from that URL.

The key is what is at the other end of that URL.

On return the code does nothing - so unless the purpose is to change state on the server AND there is a script listening on http://192.168.20.200:8080 the script does not do anything.
Richard M.Software Developer II

Author

Commented:
So you are saying that it does not collect the IWA credentials?  I think I am just going to start from scratch.
Most Valuable Expert 2017
Distinguished Expert 2018
Commented:
No - that is client side (JavaScript code) - all it does is pass the username and password in an Authorisation header to whatever is listening on the other side - effectively it does nothing.

I went through it below and there is an error in how you have defined your success function
success: function();}

Open in new window

will generate an error. Should be
success: function() {
   // Success code here
}

Open in new window


// SETUP THE SERVICE URL
var service_url = "http://192.168.20.200:8080"
// MAKE THE AJAX CALL (SETTINGS IN OBJECT PASSED TO AJAX FN)
$.ajax({
    type: "GET",  // WE ARE DOING A GET REQUEST - DATA PASSED IN URL
    url: service_url,  // URL TO CALL
    dataType: "xml", // EXPECT XML TO BE RETURNED
    data: "ParamId=" + FormId.value, // PARAMETERS TO BE ADDED TO THE URL
    processData: false, // NOT SURE WHY THIS IS SET - WE USUALLY DO THIS TO PREVENT INTERPRETATION OF DATA SENT. IN THI CASE
                        // WE ARE SENDING A ParamId ASSUME IT WILL BE AS A STANDARD URL PARAM??
    beforeSend : function(req) { 
// BEFORE WE MAKE THE REQUEST ADD A HEADER IN THIS CASE AN AUTHORIZATION HEADER
// WITH USERNAME AND PASSWORD AS THE VALUES
// make_base_auth I ASSUME CONCATS THE TWO VALUES WITH ':' IN BETWEEN AND THEN BASE64 ENCODES THE RESULT 
// PROBABLY PREPENDS 'Basic ' TO IT - THAT WOULD BE STANDARD
          req.setRequestHeader('Authorization',
               make_base_auth ('USERNAME', 'PASSWORD'));
    },
// IN CASE THE CALL FAILS
    error: function(XMLHttpRequest, textStatus, errorThrown) {  
         ajaxError(XMLHttpRequest, textStatus, errorThrown);
    },
    success: function(success); } // THIS IS AN ERROR AND WILL NOT RUN
// SHOULD BE success: THEN function on the next line stays as is
    function success()
    {<alert SUCCESS!> }
});

Open in new window

Richard M.Software Developer II

Author

Commented:
Thank you so much.  I will try this.  I am marking it as the answer.  I really appreciate your help.
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
You are welcome.
Richard M.Software Developer II

Author

Commented:
Thank you very much for your help.  I believe I have it now and am working on the server side for authenticating the user to the application.
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
again you are most welcome.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial