Wednesday, October 08, 2008

Calling webscript with no Basic authentication

My case was that I need to invoke web script without triggering the HTTP basic authenticator, 1 week of reading the wiki and googling, I almost accept that web script requires HTTP basic authentication.
But thanks to the answer on my alfresco post, there are 3 ways of authentication for web script.

  1. /alfresco/service or /alfresco/s (mapped to HTTP Basic Authenticator)
  2. /alfresco/wcservice or /alfresco/wcs (mapped to Web Client Authenticator)
  3. /alfresco/168service or /alfresco/168s (mapped to JSR-68 Authenticator)

I could use /alfresco/wcs to invoke my web script from my dashlet without popping up the authentication dialog box and it opens up the possibilities for me integrating other applications :)

5 comments:

Sunil said...

can you suggest any idea of calling webscript from other application without authentication popup
thanks

Santoso said...

In my case, the other application is opened up from alfresco dashlet which requires the user to login to alfresco first.
The other application which is opened in the same browser invoke the webscript using /alfresco/wcs prefix will use the same session therefore no more authentication required.

In your case, what are the nature of the other application? is it web app or desktop?

Another way is to change the webscript authentication to none, which maybe not the best way.

Anonymous said...

Hi

My case is alomst similar. I am calling the Web Scripts by YUI Connection Manager. It pops up authentication dialog; however, it asks for that only once.

Can you suggest any way to pass the authentication info so that the dialog does not popup...

Thanks.

小豬翔翔 said...

Hi I would like to create a SSO authenticator, which trusts the user id in HTTP header. Do you have any information on that? So basically one application will do the authentication and put the user id in the HTTP header, and then forward the request to Alfresco. I want Alfresco to trust the request and extract the user information from the http header. Should I implement an authenticator?

marga said...

Hello,
i would like to call a webscript from a public website, so we have no user authentication.
How would you do this? I thought in writing the user amb pwd in the http address, but i'm sure there will be better solutions.
thanks in advance