本文介绍了跨域AJAX / JavaScript的 - 人工使用的SessionID的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我现在有一个RESTful Web服务能够识别客户端,通过它的会话。

我有使用Ajax / JavaScript来访问RESTful Web服务的内容的客户端。我允许这种情况发生,通过响应的头请求:访问控制 - 允许 - 原产地访问控制 - 允许-凭证访问控制 - 允许 - 方法

然而,虽然客户端可以访问内容的每个请求被视为不同的会话曲奇不能跨域使用。

我不想改变我的服务器code,专门应付这种风格的客户,我会preFER一个变通客户端给使用会话的门面。

因为我不想通过会话存储任何东西,而我只用了JSESSIONID作为客户端标识符我以为我可以人为地注入&放大器; JSESSIONID = 来的URL,至少从服务器端,使客户端似乎被正确地跟踪会话

似乎这不是工作? - 可我怎么可以让我的客户的行为,就好像它是使用相同的SessionID有人提醒

解决方案

JSESSIONID 不是查询字符串参数。你想要人为地添加; JSESSIONID = ... (之前,任何与功放;在URL),而不是&放大器; JSESSIONID =。 ..

I currently have a RESTful webservice which recognises a client via it's session.

I have a client which uses ajax/javascript to access the contents of the RESTful webservice. I allow this to happen by responding to the request with the headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials, Access-Control-Allow-Methods.

However, although the client can access the content's each request is regarded as a different session as cookies cannot be used across domain.

I don't want to modify my server code to cater specifically for this style of client, i would prefer a work around client side to give a facade of using a session.

Since I don't want to store anything through the session, rather I only use the jsessionid as the client identifier I assumed I could artifically inject &jsessionid= to the URL to, at least from the server side, make the client seem to be correctly keeping track of the session.

This doesn't seem to work - can someone advise on how I can make my client act as if it is using the same sessionid?

解决方案

jsessionid isn't a query string parameter. You'd want to artificially add ;jsessionid=... (prior to any & in the URL), rather than &jsessionid=....

这篇关于跨域AJAX / JavaScript的 - 人工使用的SessionID的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-07 00:46