Response title
This is preview!
JQGrid not following OpenID redirect
in Using jQuery
•
11 years ago
Hey all,
I have a Ruby on Rails app that's using JQGrids in many of its pages. It uses OpenID authentication through Google via the ruby-openid gem and Seth Ladd's directions. That's not the problem -- it appears to be working just hunky-dory.
The problem is that whenever the JQGrid code makes a POST to update data on the server, two things appear to fail.
I'm guessing here that this isn't a bug per se, that it's my ignorance that's causing the problem. But I'll be danged if I can even figure out what I'm ignorant of. (Oh. The rule about terminal prepositions, apparently. Huh, that was easy.
)
Any suggestions? I wouldn't be surprised if I'm somehow running afoul of XSS defenses, but am not sure how I'd approach matters if that were the case -- perhaps try to do an initial authentication from Javascript instead of just a GET or POST from the browser?
BTW I've asked this question in other fora but no joy.
Anyway, TIA. He Who Funds The Project will be ever so pleased if I can fix this (not to mention She Who Cashes My Paychecks).
Rick Wayne
UW Soil Science
I have a Ruby on Rails app that's using JQGrids in many of its pages. It uses OpenID authentication through Google via the ruby-openid gem and Seth Ladd's directions. That's not the problem -- it appears to be working just hunky-dory.
The problem is that whenever the JQGrid code makes a POST to update data on the server, two things appear to fail.
- Even if the user's browser is already authenticated via logging in to Google, the POST appears to the server as if it were coming from an unauthenticated one, and gets redirected to the OpenID authentication dance. That wouldn't be a showstopper except that
- As soon as the server sends back the 401 that's supposed to initiate the redirect-and-authenticate thing, the whole enchilada just stops dead. Normally (as in, say, a POST request from a form submission), the browser sees the 401, reads the enclosed "authenticate over here" info, does the dance, comes back with the session set up, and the cycle continues. But from JQuery, it don't happen.
I'm guessing here that this isn't a bug per se, that it's my ignorance that's causing the problem. But I'll be danged if I can even figure out what I'm ignorant of. (Oh. The rule about terminal prepositions, apparently. Huh, that was easy.
)Any suggestions? I wouldn't be surprised if I'm somehow running afoul of XSS defenses, but am not sure how I'd approach matters if that were the case -- perhaps try to do an initial authentication from Javascript instead of just a GET or POST from the browser?
BTW I've asked this question in other fora but no joy.
Anyway, TIA. He Who Funds The Project will be ever so pleased if I can fix this (not to mention She Who Cashes My Paychecks).
Rick Wayne
UW Soil Science
1