on 2020 Feb 08 1:29 PM
my question: When WEB service AUTHORIZATION is on, use ajax http to display 401 unauthorized, this ajax code does not know how to write the http header
If i don't enable security verification and delete the header in ajax then there will be no problem! Participation URL:link text
1.CREATE web SERVICE at sa 17 with Support WEB CORS
CREATE SERVICE "testc3" TYPE 'JSON' AUTHORIZATION on methods '*,OPTIONS' SECURE OFF USER DBA AS call "z_get_no"(:no);
open IE or google chrome address:http://127.0.0.1:8098/testc3?no=201917 ,then Directly enter the user name (dba) and password (sql) window,input username and password Show json data. *When using HttpPost for login authentication, the method of processing the username and password in the request header, in the form of Authorization: username password. so post headers "Authorization" : "Basic REJBOm5vcGFzc3dvcmRwZW9wbGVhZG1pbmNoYW5nZWRpdA==" (post.setHeader("Authorization", "Basic "+Base64.encodeBase64((userName+":"+userPass).getBytes())))*
2.user ajax code get sa17 webservice data:
$.ajax({ url: "http://67.220.91.30:8089/testc3", type: "GET", async: false, headers:{ "Access-Control-Allow-Origin": "*,OPTIONS", "Access-Control-Allow-Headers": "Authorization", "Authorization" : "Basic REJBOm5vcGFzc3dvcmRwZW9wbGVhZG1pbmNoYW5nZWRpdA==" }, contentType: "multipart/form-data", data: { "no": "201917" }, dataType: "json", success: (resp) => { json = resp;}, error: (xhr, status, error) => {console.log(error);} });
3.webservice log error:
[09/02/2020:01:50:12.645 0800] - 0.001 - 67.220.22.30:55071 - 8098 - "OPTIONS /testc3?no=201917 HTTP/1.1" - 401 Authorization Required - 250 - --> Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,authorization --> Access-Control-Request-Method: GET --> Accept: */* --> Host: 67.220.91.30:8098 --> Origin: http://localhost:50680 --> Accept-Language: en-US,en;q=0.9 --> User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 --> @HttpQueryString: no=201917 --> Accept-Encoding: gzip, deflate --> Connection: keep-alive <-- Connection: close <-- Expires: Sat, 08 Feb 2020 17:50:12 GMT <-- WWW-Authenticate: Basic realm="gm" <-- Content-Type: text/html; charset=ISO-8859-1 <-- Date: Sat, 08 Feb 2020 17:50:12 GMT <-- Server: SQLAnywhere/17.0.10.5963
4. If i don't enable security verification and delete the header in ajax then there will be no problem!
CREATE SERVICE "testc3" TYPE 'JSON' AUTHORIZATION off methods '*,OPTIONS' SECURE OFF USER DBA AS call "z_get_no"(:no);
User | Count |
---|---|
66 | |
11 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.