After setting up the webservice server to support CORS, adding a Header set Access-Control-Allow-Origin "*"
for the apache virtual host, a new problem has occurred. I call webservice using jquery 1.5:
$.ajax( { type: "GET", url: wsBaseUrl + "?action=xyz", dataType: "json", success: function(data){ wsCallback(data); } });
This method works in a cross-domain with an adapted server configuration. However, if the web service needs authentication, which is the case in the production system, it breaks again.
For authentication, I add jquery ajax options
username: "userx", password: "passx",
Only authentication works (not cross-domain). But as soon as it combines (authentication + cross-domain), it ends. jQuery calls an error callback saying that the request is not allowed. I registered requests with TamperData in Firefox and webservice request is not registered there. However, it may be that the so-called preflight is not registered there (but if so, why does it depend on authentication?).
I tried all the combinations on my test system, and I am absolutely sure that the correct conclusion.
Now I'm really stuck. What else can I do to debug / work around this?
source share