如何发送基本身份验证的正确的授权头 [英] How to send a correct authorization header for basic authentication
问题描述
我试图从我的API一个POST数据,但我无法通过基本身份验证...
I'm tried get a POST data from my API but I can't pass the basic authentication...
我尝试:
$.ajax({
type: 'POST',
url: http://theappurl.com/api/v1/method/,
data: {},
crossDomain: true,
beforeSend: function(xhr) {
xhr.setRequestHeader('Authorization', 'Basic ZWx1c3VhcmlvOnlsYWNsYXZl');
}
});
我的服务器配置的反应是:
My server configuration response is:
response["Access-Control-Allow-Origin"] = "*"
response["Access-Control-Allow-Methods"] = "POST"
response["Access-Control-Max-Age"] = "1000"
response["Access-Control-Allow-Headers"] = "*"
这是我得到的标题是:
请求头
OPTIONS /api/v1/token-auth/ HTTP/1.1
Host: theappurl.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31
Access-Control-Request-Headers: origin, authorization, content-type
Accept: */*
Referer: http://127.0.0.1:8080/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
响应头
HTTP/1.1 401 Unauthorized
Server: nginx/1.1.19
Date: Fri, 16 Aug 2013 01:29:21 GMT
Content-Type: text/html
Content-Length: 597
Connection: keep-alive
WWW-Authenticate: Basic realm="Restricted"
我猜是服务器的配置还是不错的,因为我可以从 <一个访问API href="https://chrome.google.com/webstore/detail/advanced-rest-client/hgmloofddffdnphfgcellkdfbfbjeloo">Advanced REST客户 的(Chrome扩展)
I guess what the server configuration is good because I can access to API from the Advanced REST Client (Chrome Extension)
有什么建议?
PD: 我从高级REST客户端获得的标题是:
PD: The header that I get from Advanced REST client is:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31
Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo
Authorization: Basic ZWx1c3VhcmlvOnlsYWNsYXZl
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
和
Server: nginx/1.1.19
Date: Fri, 16 Aug 2013 01:07:18 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept, Cookie
Allow: POST, OPTIONS
X-Robots-Tag: noindex
发送选项方法
sending OPTION method
推荐答案
您可以包括用户名和密码作为URL的一部分:
You can include the user and password as part of the URL:
http://user:passwd@www.server.com/index.html
看到这个网址,以获取更多
see this URL, for more
<一个href="http://stackoverflow.com/questions/2716990/http-basic-authentication-credentials-passed-in-url-and-encryption">HTTP在URL和加密通过基本身份验证凭据
,你需要的用户名密码,这不是基本hashstring
。
of course, you'll need the username password, it's not 'Basic hashstring
.
希望这有助于...
这篇关于如何发送基本身份验证的正确的授权头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!