Question

我们遇到一些ajax调用的问题。在服务器端，我们运行带有Servlet的Apache Tomcat。在几个调用中，在请求标头中添加了授权（NTLM），并删除了邮政机构。我们在网站上使用NTLM身份验证，但是在进行这些ajax调用之前已经完成了身份验证，这只发生在某些ajax调用上。

这里是进行Ajax调用的JavaScript。

var postObjects = function(f, parameter, value, variables)
{
    var post = {};
    post['f']=f;
    post['courseid']=trapi.courseID;
    post['courseresourceid']=trapi.courseResourceID;
    post['mode']=trapi.mode;
    if(parameter!=null)
        post['parameter']=parameter;
    if(value!=null)
        post['value']=value;
    if(variables!=null)
    {
        for(var i=0; i<variables.length;i++)
        {
            post[variables[i][0]]=variables[i][1];
        }
    }

    var returnString="";
    $.ajax(
    {
        url : location.pathname,
        data:post,
        cache:false,
        global:false,
        dataType:'text',
        contentType:'application/x-www-form-urlencoded; charset=UTF-8',
        type:'POST',
        async:false,
        success: function(data)
        {
            returnString=data;
        },
        error: function(jqXHR, textStatus,errorThrown)
        {
            returnString="Error: "+textStatus;
        }
    });
    return returnString;
}

这里是来自fiddler的关于postObjects函数发出的POST的信息，它添加了NTLM授权：

POST http://localhost:8080/trainweb/courses HTTP/1.1
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost:8080/trainweb/courses?f=courseframe&courseid=909
Accept-Language: nb-NO
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
DNT: 1
Host: localhost:8080
Pragma: no-cache
Cookie: JSESSIONID=C18B2FA564626BCEB82C4C3AD8837AE8; FillScreenWidth=0;     DefaultSearch=docno; lang=no
Authorization: NTLM BASE64ENCODEDSTRING
Content-Length: 0

这里是来自fiddler的关于由同一个postObjects函数发出的POST没有添加NTLM授权的信息：

POST http://localhost:8080/trainweb/courses HTTP/1.1
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost:8080/trainweb/courses?f=courseframe&courseid=909
Accept-Language: nb-NO
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 61
DNT: 1
Host: localhost:8080
Pragma: no-cache
Cookie: JSESSIONID=C18B2FA564626BCEB82C4C3AD8837AE8; FillScreenWidth=0; DefaultSearch=docno; lang=no

f=getlasterror&courseid=909&courseresourceid=4079&mode=normal

每次发生这种情况时，我是否必须重新进行身份验证？

Ajax帖子有时会删除正文并添加NTLM授权

0 个答案: