PDA

View Full Version : HTTP Basic Auth and Store's 'Load Data' feature



ewan
10 Feb 2012, 2:18 PM
My server serves XML over HTTP. The feeds use HTTP basic authentication. In a deployed JS application, the browser takes care of presenting the user with a dialog to allow the user to provide a user name and password. The browser also takes care of adding the appropriate HTTP Basic auth header and of caching it for later use.

The designer doesn't challenge me for auth when I hit the 'Load Data' item on a Store node in the Project Inspector. Consequently, the request fails.

Is there a way to get the designer to prompt me?

aconran
10 Feb 2012, 4:46 PM
This is not something we've ran into yet and/or planned for.

We will see what it takes at the lower level to get in basic authentication.

aconran
2 Mar 2012, 9:07 AM
I learned this morning that BasicAuth is nothing more than a header which has base64 encoded username:password.
http://coderseye.com/2007/how-to-do-http-basic-auth-in-ajax.html
http://www.aswinanand.com/2009/01/http-basic-authentication-using-ajax/

Setting the headers on the proxy object will enable you to do this.

paul_todd
2 Mar 2012, 12:50 PM
As I responded in my original request the xhr object has additional features to handle digest authentication which is securer and also fixes some security management issues around the whole handling of credentials.

aconran
2 Mar 2012, 2:02 PM
As I responded in my original request
This one? http://www.sencha.com/forum/showthread.php?184464-Setting-username-and-password-in-proxy-store

paul_todd
5 Mar 2012, 7:49 AM
Yup.

the original poster can use http://username:password@url in the url section of the proxy and that should work as a temporary measure without requiring code changes

Veer_Muchandi
20 Jan 2013, 2:53 PM
Hi Paul

Can you please explain how to do digest authentication in Sencha touch2? I could not find what you are calling as "response to original request". Also I don't understand http://username:password@url

Do you have an example you can share?

Thanks
Veer