我的目标是拥有一个网络服务,使用 Apache Tomcat 7,并使用来自另一个域的 ajax 请求与其通信。 Web 服务正在运行,但我在 JavaScript 部分遇到了问题。
我的问题是当我尝试使用基本身份验证执行任何请求时,当 Tomcat 给我请求时 header 被删除:
String basicAuth = request.getHeader("Authorization");
字符串总是为空。我试图寻找答案,我猜问题出在我的 web.xml 配置上(因为我使用的是跨域请求)。
javaScript 部分如下所示:
$.ajax({
type: 'GET',
url: 'http://localhost:8080/Test/endpoint/to/test',
dataType : 'json',
beforeSend: function (request) {
request.withCredentials = true;
request.setRequestHeader("Authorization", "Basic " + btoa('test' + ":" + 'test'));
},
success: function(data) {
console.log(data);
},
error: function(data) {
console.log(data);
}
});
我的 web.xml 文件如下所示:
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>File Explorer</display-name>
<description>
File Explorer
</description>
<servlet>
<servlet-name>Test</servlet-name>
<servlet-class>fr.vuzi.controller.FrontController</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>FrontController</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value></param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
(我对每个请求只使用一个端点)。我已经尝试了几乎所有我能找到的东西,但我不知道问题出在客户端还是服务器端。
我知道有类似的问题:Authentication headers are not sending JQuery Ajax但似乎没有一种解决方案对我有用......
提前致谢。
最佳答案
好的,那确实是 tomcat 配置问题,而不是 JavaScript 问题。这是对我有用的,允许跨域请求:
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,authorization,Authorization,accept,Accept</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
关于javascript - 使用 JQuery 和 Tomcat 的身份验证 header ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29973815/