[JSDO v4.4] XmlHttpRequest InvalidStateError - Forum - Mobile - Progress Community

[JSDO v4.4] XmlHttpRequest InvalidStateError


[JSDO v4.4] XmlHttpRequest InvalidStateError

  • When logging out and discarding a JSDO session and then creating a new one and logging in again, sometimes on the very next request (could be an addCatalog, a fill, etc.), the JSDO will throw an XmlHttpRequest InvalidStateException stating that the request's state must be OPENED. After some debugging I have found that in the following method: progress.data.AuthenticationProvider.prototype._openRequestAndAuthorize, there is a call made to hasClientCredentials() which returns false, even though this is happening after a successful form authentication. Because the hasClientCredentials() method returns false, the xhr.open method is never called and thus when calling xhr.send, the error is thrown.

    To reproduce this one needs to create a JSDO session, authenticate, add a catalog, create a JSDO and call the fill method at least once, logout, create a new session, authenticate again and attempt creating another JSDO and filling it with data.

    Is this a bug with the JSDO implementation, or are there API changes in v4.4 that I am not accounting for?

  • [Removed]

  • Hi Radu,

    Please log a bug. We implemented a new interface and it looks like we might have broke something. We will try to provide a workaround once we get a chance to investigate.

    Thank you


  • Hello, is there an example with this authentication?

  • Shelley Chase

    Hi Nicaragua,

    Please log a bug. We implemented a new interface and it looks like we might have broke something. We will try to provide a workaround once we get a chance to investigate.

    Thank you



    Architect of the SmartComponent Library and WinKit

    Consultingwerk Ltd.

  • [Removed]

  • Hopefully, that previous post answered most of your questions. Let me know if you guys need any more information or have any more questions!

  • "The official documentation is on the way."

    -Is it here already?

  • Hey Ruben, I've updated the above post with the API of the AuthenticationProvider and the JSDOSession. Let me know if you need more information.

    And the official docs is not here yet unfortunately.

  • Thanks for the info Alan, much appreciated.

    Just to make sure: you will need to use the login function with the AP, even if you're using anonymous authentication?

  • Hi Ruben,
    Yes. For all supported authentication models (Anonymous, Basic and Form) it is recommended to use AuthenticationProvider.
    Thanks and Regards,
    Anil Kumar.
  • Thanks Anil, but that's not exactly what I meant though. I can create an authenticationProvider object just fine, but I need to call login on the authenticationProvider object to be able to i.e. add a catalog to the JSDOSession object.

    Otherwise the HasClientCredentials() function fails for the authenticationProvider object (even when client credentials are blanks).

  • Would someone be willing to give a working example of how to implement the Authentication Provider object in a Telerik mobile app that uses an OpenEdge datasource?

    If the sample-crud-app in github could be updated to use the Authentication Provider object then that would be tremendously helpful.

    See github.com/.../sample-crud-app



  • After careful review, our guidance on managing JSDOSessions in JSDO 4.4  has changed.

    What happened:

    The foundation work for a new authentication model which is able to support single-sign on (SSO) was introduced in JSDO 4.4. The intention was to move to the new model for all authentication modes so deprecation warnings for the current model were introduced. Unfortunately, we have determined that the implementation is incomplete and is not ready for use in JSDO 4.4. 

    Additionally, the new code introduced 2 regressions in the existing authentication model. These will be fixed in the JSDO service pack 4.4.1 expected by the end of September.

    What should I do now:

    Your current login and logout code will work as expected in JSDO 4.4.1.

    The preferred approach to create and authenticate a session is to use the progress.data.getSession() stand-alone function since that API will remain supported with the new model:


    In either case you will need to call JSDOSession.logout() when the user logs out.

    Finally, please ignore any deprecated warnings at this time.

    We appreciate your patience while this issue was investigated.


  • The updated best practices can be found at: community.progress.com/.../2928.jsdosession-authentication-in-kendo-u-builder-2-0-jsdo-4-4-1