I have been writing an AJAX-application that calls one or several SOAP web Services and presents the result on a single web page in different div tags. Due to some css-functionality a really nice look and feel can be accomplished similar to a portal site with many different portlets. In this case each porlet would consist of a div tag. This is all done in Lotus Notes/Domino but can be moved to any system (!?). I will present it in more detail here later on but for now I'd like to share a limitation that bothers me with Firefox or Mozilla browsers in general, maybe others as well.
If you're using AJAX where the requesting page and the Web Service resides on the same domain it works in any browser since the XMLHttpRequest object is univeral to any browser. However if the requesting page and the Web Service resides on different domains you'll find that it will not work in Firefox. An error will be raised looking like this:
Uncaught exception: Permission denied to call method XMLHttpRequest.open
The error is raised because of security concerns. Appearantely most web browsers (IE excluded) is restricted by default to interact only with resources and services hosted by the same domain. The reason is to keep potentially malicous code from accessing information it shouldn't have access to.
However, as I see it there is an equal need to communicate with Web Services that is not located on the same domain as Web Services located on the same domain. There are two ways to accomplish this:
- Digitally sign the Javascripts. Read more about this on Mozilla.org. I started digging into this but got really tired and sick of it since it is required by me to:
- Download a sign tool and learn how to use that. The sign tool creates a jar-file when executed to point to.
- Add specific exception handling functions
- Get a certificate and pay for it
- Whenever I change my javascript I have to resign it to create a new jar-file to use.
- Download a sign tool and learn how to use that. The sign tool creates a jar-file when executed to point to.
- Use a proxy. I don't know how this is supposed to work but the point is that it will work if all requests from the XMLHttpRequest object is passed through a proxy resource located on the same domain as the requesting page
My resources recommendations are:
- W3 Schools
- The article series 'Mastering AJAX'
- The article series 'Call SOAP Web Services with Ajax'
Technorati tags:
AJAX, Web Services, XML, SOAP, Lotus Notes, Domino, portlet
No comments:
Post a Comment