2

我们遇到了一些 ajax 调用的问题。在服务器端,我们使用 Servlet 运行 Apache Tomcat。在几次调用中,在请求标头中添加了授权 (NTLM),并删除了帖子正文。我们在站点上使用 NTLM 身份验证,但是在进行这些 ajax 调用之前已经完成了身份验证,并且这只发生在某些 ajax 调用上。

这里是进行 Ajax 调用的 JavaScript。

var postObjects = function(f, parameter, value, variables)
{
    var post = {};
    post['f']=f;
    post['courseid']=trapi.courseID;
    post['courseresourceid']=trapi.courseResourceID;
    post['mode']=trapi.mode;
    if(parameter!=null)
        post['parameter']=parameter;
    if(value!=null)
        post['value']=value;
    if(variables!=null)
    {
        for(var i=0; i<variables.length;i++)
        {
            post[variables[i][0]]=variables[i][1];
        }
    }

    var returnString="";
    $.ajax(
    {
        url : location.pathname,
        data:post,
        cache:false,
        global:false,
        dataType:'text',
        contentType:'application/x-www-form-urlencoded; charset=UTF-8',
        type:'POST',
        async:false,
        success: function(data)
        {
            returnString=data;
        },
        error: function(jqXHR, textStatus,errorThrown)
        {
            returnString="Error: "+textStatus;
        }
    });
    return returnString;
}

这里是来自提琴手的关于 postObjects 函数添加 NTLM 授权的 POST 的信息:

POST http://localhost:8080/trainweb/courses HTTP/1.1
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost:8080/trainweb/courses?f=courseframe&courseid=909
Accept-Language: nb-NO
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
DNT: 1
Host: localhost:8080
Pragma: no-cache
Cookie: JSESSIONID=C18B2FA564626BCEB82C4C3AD8837AE8; FillScreenWidth=0;     DefaultSearch=docno; lang=no
Authorization: NTLM BASE64ENCODEDSTRING
Content-Length: 0

这是来自提琴手的关于由相同 postObjects 函数制作的 POST 未添加 NTLM 授权的信息:

POST http://localhost:8080/trainweb/courses HTTP/1.1
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost:8080/trainweb/courses?f=courseframe&courseid=909
Accept-Language: nb-NO
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 61
DNT: 1
Host: localhost:8080
Pragma: no-cache
Cookie: JSESSIONID=C18B2FA564626BCEB82C4C3AD8837AE8; FillScreenWidth=0; DefaultSearch=docno; lang=no

f=getlasterror&courseid=909&courseresourceid=4079&mode=normal

每次发生这种情况时我都必须重新进行身份验证吗?

4

0 回答 0