同一域上的3台服务器。具有表单身份验证的自定义成员资格提供程序
1到2之间的身份验证可以正常工作。 正在按预期在浏览器中设置Auth cookie。直接从浏览器中使用webapi方法可以正常工作。
问题:服务器#3中的ExtJs REST代理不发送授权cookie。服务器使用401 Unauthorized响应所有OPTIONS和GET。
我真的会帮助你。 感谢。
请求标题:
GET /api/codigos/?aux=xtiposoli&_dc=1364785770273&page=1&start=0&limit=25&filter=%5B%7B%22property%22%3A%22nombre%22%7D%5D HTTP/1.1
Host: webapi.pruebas.com:8888
Connection: keep-alive
Origin: http://users.pruebas.com:8889
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22
Accept: */*
Referer: http://users.pruebas.com:8889/app.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es-ES,es;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
回复标题:
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcVG9ueU1heW9yYWxcRHJvcGJveFxQcm95ZWN0b3NcTmV0MjAxMlxTRVNcU0VTLldlYkFwaVxhcGlcY29kaWdvc1w=?=
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Date: Mon, 01 Apr 2013 03:09:35 GMT
Content-Length: 71
答案 0 :(得分:4)
我设法通过以下更改解决了这个问题:
ExtJs应用程序启动:
Ext.Ajax.useDefaultXhrHeader = false;
Ext.Ajax.withCredentials=true;
WebApi的web.config:
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Origin" value="http://users.pruebas.com:8889" />
<add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />