我的服务保障与基本身份验证在IIS中设置,我尝试从业务数据与jQuery。
My service is secured with basic authentication set in IIS and i am try to get data from service with Jquery.
跨域调用已启用。
我有一个请求头
Host http:\\service.com
User-Agent Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-gb,en;q=0.5
Accept-Encoding gzip, deflate
Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection keep-alive
Origin null
Access-Control-Request-Me... GET
Access-Control-Request-He... authorization
Pragma no-cache
Cache-Control no-cache
响应
Content-Type text/html
Server Microsoft-IIS/7.5
WWW-Authenticate Basic realm="172.27.131.5"
X-Powered-By ASP.NET
Access-Control-Allow-Orig... *
Access-Control-Allow-Head... *
Date Fri, 12 Aug 2011 08:07:29 GMT
Content-Length 1293
code
Code
$.ajax({
headers : {
"Authorization" : "Basic TVNF3TQtU1BGMjAx6C12bVxzbW4ydHBvaW50OlF3Z5J0eSEyM6Q1"
},
type: "GET",
url: url,
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(data) {
alert('ok!');
formatData(format_type,data);
},
error: function(jqXHR, textStatus, errorThrown) {
alert(textStatus + ' / ' + errorThrown);
}
});
我也尝试设置
also i tried to set
beforeSend : function(xhr) {
xhr.setRequestHeader("Authorization", "Basic " + Base64.encode(username + ':' + password));
},
但我有一个错误:
But i have next error:
请求头字段授权不被访问控制,允许报头允许
Request header field Authorization is not allowed by Access-Control-Allow-Headers
我在做什么错了?
尝试添加以下code到在Global.asax在你的WCF项目(仅当在IIS托管工作):
Try adding the following code to the global.asax in your WCF project (only works when hosted in iis):
protected void Application_BeginRequest(object sender, EventArgs e)
{
EnableCrossDomainAjaxCall();
}
private void EnableCrossDomainAjaxCall()
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, Accept");
HttpContext.Current.Response.End();
}
}
jQuery的发出一个OPTIONS调用WCF服务,以检查是否允许呼叫。你必须以符合实际的头。您也可以下载一个例子在这里:http://sameproblemmore$c$c.blogspot.com/2011/10/creating-secure-restfull-wcf-service.html.