我开发一个HTML5的移动应用,它与 Web服务
通信。 Web服务使用NTLM身份验证协议。我有困难,通过JavaScript处理握手。 NTLM发送 401未经授权
为回应我的帖子,我还没有发现有任何的方式来应对。
时的NTLM身份验证可以使用JavaScript?我应该建立与如代理Web服务基本身份验证介于两者之间?
我jQuery的电话是一样的东西......
$。阿贾克斯({
键入:POST,
网址:网址,
的contentType:为text / xml,
数据类型:XML,
数据:SOA prequest,
用户名:用户名,
密码:'密码',
xhrFields:{
withCredentials:真
},
成功:processSuccess,
错误:的processError
});
解决方案
现在的问题是,你不能获得通过javascript当前登录的域/用户(或者如果可以我从来没有找到一个解决方案)。
如果您已经知道域,用户名和密码,您可以使用类似的https:/ /github.com/erlandranvinge/ntlm.js/tree/master
不过,我觉得走这方法为单次登录将是令人沮丧的,从长远来看。
我们结束了在一个隐藏的iframe做NTLM身份验证,通过JavaScript访问的iframe。
I am developing an HTML5 mobile app, which communicates with WebServices
. WebServices use NTLM authentication protocol. I am having difficulties to handle the handshake via JavaScript. NTLM sends the 401 unauthorized
as response to my POST, which I have not found any way to respond to.
Is NTLM authentication possible with JavaScript? Should I build a proxy web service with e.g. basic authentication in-between?
my jQuery call is something like...
$.ajax({
type: "POST",
url: URL,
contentType: "text/xml",
dataType: "xml",
data: soapRequest,
username: 'username',
password: 'password',
xhrFields: {
withCredentials: true
},
success: processSuccess,
error: processError
});
解决方案
The problem is that you can't get the currently logged in domain/user via javascript (or if you can I've never found a solution).
If you already know the domain, username and password you could use something like https://github.com/erlandranvinge/ntlm.js/tree/master
However I think going down this method for single sign on is going to be frustrating in the long run.
We ended up doing NTLM authentication in a hidden iframe and accessing the iframe via javascript.