Re: To invoke the vRO Work Flow. Unable to authent...

bhupathysav · ‎10-25-2017

Hi,

we use the JavaScript(JS) to invoke the Work Flow. In that, we are unable to authenticate service account against vRO. The vRO authentication has integrated with AD(LDAP). while invoking the WF we are getting the error code 401: Unauthorised (401 full authentications required to access the resource. attached the html and JS code with this. Any pointers?

JS script

<!DOCTYPE html>

<html>

<head>

<title>Open console and type testwebclient2()</title>

</head>

<body>

<h1>Open console and type <code>testwebclient2()</code></h1>

function testwebclient2(){

var vmname = 'Linux';

var RAM = 2;

var CPU = 8;

var usr = 'user.name@domain.com';

var pwd = '*******';

var vroServer = '10.xx.xx.06:8281';

// URL for the request

var wfid = 'f3d58869-3a4c-4a26-8841-30b0dc6ab6f3';

// URL for the request

var workflow_invoke_url = "https://"+vroServer+"/vco/api/workflows/"+wfid+"/executions";

var vRO_Request_Data = '{"parameters": [{"value":{"number": {"value": "'+RAM+'"}},"type": "number","name": "memory","scope": vmname+'"}},"type": "string","name": "VMname","scope": "local"},{"value":{"numbe

function success(data, textStatus, jqXHR){

console.log('result for post request',data, textStatus, jqXHR);

getData();

}

$.ajax({

type: "POST",

url: workflow_invoke_url,

data: vRO_Request_Data,

success: success,

dataType: 'application/json',

headers: {

"Authorization": "Basic " + btoa(usr + ":" + pwd)

},

});

}

</script>

</body>

</html>

*********************************************************************************

Thanks and regards,

Bhupathysav

iiliev · ‎10-25-2017

Hi,

Parts of the text seems broken, eg. vRO_Request_Data looks incomplete.

Could you attach the script as a file?

bhupathysav · ‎10-26-2017

Hi iiliev,

Yes, there is broken in that HTML code. I have attached the HTML file with full code.

bhupathysav

iiliev · ‎10-26-2017

Thanks for the file.

The problem is that your code is doing so called cross-domain request, which is blocked by Web browsers for security reasons. For detailed information, you can google for 'CORS' or 'cross origin request'; one possible starting page is https://en.wikipedia.org/wiki/Same-origin_policy

There are several ways to resolve this issue in local test environments, for example Chrome browser has a command line option to launch the browser with disabled security. Another option would be to test with a non-browser REST clients.

BTW, you may need to also tweak your request object to also specify accept and content types (otherwise, its possible to receive HTTP error code 415).

tschoergez · ‎10-26-2017

Also check this thread for a server side workaround (don't use in production): Sending AJAX to API triggers CORS which vCO seems to not support?

Joerg

tschoergez · ‎10-26-2017

You might also be interested in this example: GitHub - evoila/vro_wf_panel: Panel to start and monitor VMware Orchestrator Workflows

bhupathysav · ‎10-30-2017

Hi iiliev,

Thanks for the input. By disabling the security settings in the chrome browser and by acepting the self signed certificate of the vRO server has done the trick. We could sucessfuly invoke the workflow from Java-Script. But we can't have our end user to disable browser security, In this case what would be the recommended/permanent option to Implement the solution in production environment??

Thanks

BhupathySav

All

To invoke the vRO Work Flow. Unable to authenticate service account against vRO using JavaScript(JS).