Home » Liferay Portal » English » 3. Development

Combination View Flat View Tree View
Threads [ Previous | Next ]
Clint Wilde
how to tell JSON WS to NOT prompt for user/pass using Liferay JS API
June 26, 2013 1:19 PM

Clint Wilde

Rank: Junior Member

Posts: 32

Join Date: March 5, 2013

Recent Posts

I want to prevent the authentication dialog from popping up when I make a JSON WS request. The request is being made on the same server, same portal instance. I am already logged to the portal so why it's asking me to log in again is a mystery to me.

I have read so many posts on how to authenticate a custom JSON request call using the JS API, but no answer yet.

Here is what I am doing in Javascript:

 1$scope.sendData = function() {
 3        var sendobj = {
 4                edOrgId: $scope.tempid,
 5                usersEmail: '',
 6                optOutVendorIds: $scope.getOpts()            
 7            };
10        Liferay.Service(
11                  '/xxx-portlet#portletObj/save-opt-out', sendobj,
12                  function(obj) {
13                    console.log(obj);
14                  }
15                );
16    }   

There seems to be no answers out there except to put the username and password into the URL using basic http authentication. We tried this by appending the username and password on the front of the url, but the API does not work with the full url.

The only other thing I have read is that I can use the portal-context instead of the portlet context to call the service. I have looked for documentation on this, but have not been successful in finding any.

So I tried this:


but I get an error:

{"exception":"No JSON web service action associated with path /portletObj/save-opt-out and method GET for /portletObj-portlet"}

I am running on liferay-portal-6.1.20-ee-ga2, with Tomcat.

Your help is much appreciated!
David H Nebinger
RE: how to tell JSON WS to NOT prompt for user/pass using Liferay JS API
June 27, 2013 9:39 AM

David H Nebinger

Community Moderator

Rank: Liferay Legend

Posts: 13099

Join Date: September 1, 2006

Recent Posts

Authentication is totally optional for your own SB interfaces. If you add a method in the XxxServiceImpl class and ignore username/password and permission checks, you shouldn't need to do authentication.

It will be exposed as a service, though, that a hacker could get to. I'd limit open access to just getter methods, but leave all insert/update/delete type methods secured...