Tel Map

Blog

Basic Authentication Omnifaces CombinedResourceHandler Internet Explorer Not Working

Der Inhalt wird unten in einer verfügbaren Sprache angezeigt. Klicken Sie auf den Link, um die aktuelle Sprache zu ändern.

For a testing platform, we a have a typical basic authentication in front of our actual platform. The application server is a WildFly 14 with PrimeFaces as the frontend framework. In order for every JavaScript file not being downloaded separately, we also use the CombinedResourceHandler from OmniFaces.

However, on this beta platform we always got a 401 response for the request of  the combined Javascript in Internet Explorer.

Every other request was working fine.

After taking a look at the request headers, indeed the authorization header

was missing.

The question was, why only for this request???

After taking a look at the source code, I noticed something strange i.e. crossorigin=“anonymous“.

This will lead to the browser not sending credentials for this request. Weirdly enough, this didn’t have any effect on the other browsers in combination with basic authentication.

But how can I get rid of this attribute? There seems to be no configuration option to remove this in OmniFaces directly. I took me quite some time to figure out a hack to remove this.

What I ended up doing, is to extend the CombinedResourceHandler and walk through the different UIComonents manually to remove the attribute.

Of course you then also have to register this new resource handler instead of the CombinedResourceHandler from Omnifaces in faces-config.xml:

Hope this article helps someone facing the same issues, that I did. Unfortunately, we cannot tell all customers to use a proper browser 🙂

 

 

 

 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Diese Seite verwendet Cookies. Durch die weitere Nutzung der Webseite stimmen Sie der Verwendung von Cookies zu. Weitere Informationen zu Cookies erhalten Sie in unserer Datenschutzerklärung.