问题描述

我配置我的Jetty服务器允许跨域的HTTP请求（allowedOrigins = *），也允许跨域认证使用其CrossOriginFilter（allowCredentials = TRUE）。
跨域HTTP请求没有身份验证的要求工作确定。现在，当涉及到HTTP，要求认证调用它不工作了使用JQuery。我用下面的code和遵循这个例子：http://www.aswinanand.com/2009/01/http-basic-authentication-using-ajax/

I configures my Jetty server to allow cross domain http requests (allowedOrigins = *) and also to allow cross domain authentication (allowCredentials=true) using its CrossOriginFilter.Cross domain http requests without authentication requirement work ok. Now when it comes to http calls that require authentication It doesn't work out using JQuery. I use the following code and followed this example: http://www.aswinanand.com/2009/01/http-basic-authentication-using-ajax/

function login(username, password) {
$.ajax({
    type: "GET",
    contentType: "application/json",
    dataType: "json",
    url: url,
    beforeSend: function(xhr) {
        var base64 = Base64.encode(username + ":" + password);
        xhr.setRequestHeader("Authorization", "Basic " + base64);
        xhr.withCredentials = true;
    },
    error: function(data){
        alert("error");
    },
    success: function(data){
        alert("success");
    }
});

在我的HttpFox看到下面的请求到服务器：

In HTTPFox i see the following request to the server:

OPTIONS /login HTTP/1.1
...
Access-Control-Request-Method   GET
Access-Control-Request-Headers  authorization,content-type

服务器用一个响应

The server responds with a

HTTP/1.1 204 No Content
...
Allow   OPTIONS,GET,HEAD

我也用下面的选项，这犯规有所作为。

I also used the options below, which doesnt make a difference.

$.ajax({
    ...
    username: username,
    password: password,
    ...
}

误差函数始终闪光。
任何人的想法问题可能是什么？

The error function always fires.Anybody an idea what the problem could be?

推荐答案

在默认允许的标题是

X-请求-着，内容类型，接受，原产地

我不得不添加标题

授权，内容类型

通过日志文件中找到该

DEBUG [2012-05-27 17：04：02468] org.eclipse.jetty.servlets.CrossOriginFilter：标题[授权，内容类型]是不允许的报头中[X-请求-着，内容类型，接受，产地】

感谢所有的提示！

这篇关于jQuery的跨域认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！