Ajax Proxy

From ADF Docs
Revision as of 23:09, 7 March 2010 by Rwest (talk | contribs) (Example)
Jump to: navigation, search

Overview

Ajax Proxy is a CFM file located in the /_cs_apps/ directory of your site (Note: this file was copied from the /ADF/core/site-sample/ directory as a part of installation) directory. The concept of the Proxy is to have a single endpoint for all ajax calls into the ADF library and/or Apps that are built. The goal with this single endpoint is two-fold:

  1. Control security access to the methods within the ADF
  2. Load the site application space so library and app calls have site level context

Usage

To use the Ajax Proxy in a jQuery get/post call, do the following:

  1. URL to call is #application.ADF.ajaxProxy#
  2. Add in the name of the bean you want to call
  3. Add in the name of the method within that bean you want to call
  4. Add any other parameters (which will be passed into your function)

Example

If you wanted to call the "getSubsiteStruct()" method (returns an array of subsite data) in the csData_1_0 component you would do the following:

jQuery.get("#application.ADF.ajaxProxy#",
  { bean: "CSData_1_0",
     method: "getSubsiteStruct",
     subsiteURL: "#request.subsite.url#",
     returnFormat: "json" }, 
    function( results ) ...
});
Note: notice how the "bean" (e.g cfc or component) requires the version

Configuring

To start using the Ajax Proxy, be sure to copy the ajaxProxy.cfm located in /ADF/core/site-sample/ into your sites /_cs_apps/ directory. Additionally, make sure that in your ADF.cfc (located in your /_cs_apps/ directory) you have the following line in your init() method:

setAjaxProxyURL("#request.site.csAppsWebURL#ajaxProxy.cfm");

After the "loadSite()" call, make sure you Reset your Site ADF.

Security

By default all methods within an application or the ADF library are locked down. To make a method available you must add it to either your applications Proxy White List (recommended) or the global Proxy White List.

If your method performs potentially dangerous actions, you may also want to verify the call is being conducted by a licensed contributor or a site admin.