Hello Everyone,
We have created REST services using web API and successfully deployed on our Testing Servers. When check those services using POSTER (tool comes as addon in Mozilla and used for testing services), we get perfect output. But when we do Jquery Ajax call, we
face error of "
Origin is not allowed by access-control-allow-origin + rest services ". To solve this problem we were about to use JSONP but jsonP does CSRF or XSRF attacks. Because of which we have to find another alternative.
Here is my code which i used to call Service.
function GetAllAssets() {
$.ajax({
type: "POST",
url: "http://xyz.com/VAMSyncServices/api/VAM/GetAllAssets",
data:"{'logInInfo':{'UserName':'Admin','Password':'passwprd'},'astAssetIDInternal':'','lastSyncDate':'','startSyncDate':''}",
contentType: "application/json; charset=utf-8",
dataType: "json",
async: false,
success: OnGetAllAssetsSuccess,
error: OnGetAllAssetsError
});
}
function OnGetAllAssetsSuccess(data, status) {
alert("data"+data);
alert("status "+status);
}
function OnGetAllAssetsError(request, status, error) {
alert("status "+ status);
alert(error);
}
We are using Windows server 2003 and 2008, Is there anything in server configuration which can solve this or any other alternative. Is that a problem of Rest Service Code shown below?
Here is a function code of one function:
[HttpPost]
public HttpResponseMessage GetAllSites(Models.LogInInfo logInInfo)
{
Models.LogWriter.WriteEventLog("UserName:" + logInInfo.UserName + "password:" + logInInfo.Password);
RESTLibrary.User user;
try
{
BusinessObjects.SiteQuery sq = new BusinessObjects.SiteQuery("s");
BusinessObjects.VisibleSitesQuery vs = new BusinessObjects.VisibleSitesQuery("v");
BusinessObjects.UserRoleQuery urq = new BusinessObjects.UserRoleQuery("r");
Models.LogWriter.WriteEventLog("UserName:" + logInInfo.UserName + "password:" + logInInfo.Password);
user = Models.Common.AuthenticateUser(logInInfo.UserName, logInInfo.Password);
if (user == null)
{
throw new Exception("User is not authenticated.");
}
Int32 RoleID = user.GetUserRoleID();
sq.Select(sq.SiteCode,
sq.SiteDescription,
sq.SiteIDInternal,
sq.SiteName
).Where(sq.SiteID.In(vs.Select(vs.SiteID).Where(vs.RoleID.In(urq.Select(urq.RoleID).Where(urq.UserID == user.UserID)))));
BusinessObjects.SiteCollection sites = new BusinessObjects.SiteCollection();
<pre lang="cs">sites.Load(sq);
var siteList = from s in sites
select new Models.Site
{
SiteCode = s.SiteCode,
SiteDescription = s.SiteDescription,
SiteIDInternal = (Guid)s.SiteIDInternal,
SiteName = s.SiteName
};
HttpResponseMessage message = Request.CreateResponse(HttpStatusCode.OK, siteList.ToList());
return message;
}
catch (Exception ex)
{
var response = new HttpResponseMessage(HttpStatusCode.Conflict);
response.Content = new StringContent(ex.Message);
throw new HttpResponseException(response);
}
}
This function just returns list of Sites created in application.
Thanks,