Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?
All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.
Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.
To deal with cross-domain calls, I suggest you to do either one of the two things.
Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:
chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)
Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.
I already started working on my task with Mobile Visualizer .
The first point in my plan is : Implement authentication functionality.
So, I started working on first point and get some problems.
It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.
So, I suggest implements some new security for accessing for API.
It will be look like :
Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.
Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.
Since we use Spring already, the solution will make use of Spring Security.
So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.
If you agree with me I can start investigating how to implement this functionality.
Thanks for asking this question. Since the coding period is about to start, it will be useful for all GSoC students to create their launchpad branches for the summer coding here - https://code.launchpad.net/dhis2
We expect that you create your branches here and be the owners of the branches. The mentors for your project as well as other community members will be able to follow your progress. We also suggest that you maintain a blog and make a weekly post highlighting the progress that you are making with your projects.
Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?
All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.
Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.
To deal with cross-domain calls, I suggest you to do either one of the two things.
Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:
chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)
Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.
I already started working on my task with Mobile Visualizer .
The first point in my plan is : Implement authentication functionality.
So, I started working on first point and get some problems.
It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.
So, I suggest implements some new security for accessing for API.
It will be look like :
Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.
Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.
Since we use Spring already, the solution will make use of Spring Security.
So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.
If you agree with me I can start investigating how to implement this functionality.
Thanks for asking this question. Since the coding period is about to start, it will be useful for all GSoC students to create their launchpad branches for the summer coding here - https://code.launchpad.net/dhis2
We expect that you create your branches here and be the owners of the branches. The mentors for your project as well as other community members will be able to follow your progress. We also suggest that you maintain a blog and make a weekly post highlighting the progress that you are making with your projects.
Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?
All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.
Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.
To deal with cross-domain calls, I suggest you to do either one of the two things.
Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:
chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)
Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.
I already started working on my task with Mobile Visualizer .
The first point in my plan is : Implement authentication functionality.
So, I started working on first point and get some problems.
It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.
So, I suggest implements some new security for accessing for API.
It will be look like :
Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.
Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.
Since we use Spring already, the solution will make use of Spring Security.
So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.
If you agree with me I can start investigating how to implement this functionality.
Thanks for asking this question. Since the coding period is about to start, it will be useful for all GSoC students to create their launchpad branches for the summer coding here - https://code.launchpad.net/dhis2
We expect that you create your branches here and be the owners of the branches. The mentors for your project as well as other community members will be able to follow your progress. We also suggest that you maintain a blog and make a weekly post highlighting the progress that you are making with your projects.
Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?
All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.
Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.
To deal with cross-domain calls, I suggest you to do either one of the two things.
Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:
chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)
Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.
I already started working on my task with Mobile Visualizer .
The first point in my plan is : Implement authentication functionality.
So, I started working on first point and get some problems.
It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.
So, I suggest implements some new security for accessing for API.
It will be look like :
Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.
Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.
Since we use Spring already, the solution will make use of Spring Security.
So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.
If you agree with me I can start investigating how to implement this functionality.