my question: When WEB service AUTHORIZATION is on, use ajax http to display 401 unauthorized, this ajax code does not know how to write the http header

If i don't enable security verification and delete the header in ajax then there will be no problem! Participation URL:link text

1.CREATE web SERVICE at sa 17 with Support WEB CORS

  CREATE SERVICE "testc3"
        TYPE 'JSON'
        AUTHORIZATION on
       methods '*,OPTIONS'
        SECURE OFF
        USER DBA
        AS call "z_get_no"(:no);

open IE or google chrome address:http://127.0.0.1:8098/testc3?no=201917 ,then Directly enter the user name (dba) and password (sql) window,input username and password Show json data. *When using HttpPost for login authentication, the method of processing the username and password in the request header, in the form of Authorization: username password. so post headers "Authorization" : "Basic REJBOm5vcGFzc3dvcmRwZW9wbGVhZG1pbmNoYW5nZWRpdA==" (post.setHeader("Authorization", "Basic "+Base64.encodeBase64((userName+":"+userPass).getBytes())))*

2.user ajax code get sa17 webservice data:

  $.ajax({
    url:  "http://67.220.91.30:8089/testc3",
    type: "GET",

    async: false,
  headers:{
                   "Access-Control-Allow-Origin": "*,OPTIONS",
                   "Access-Control-Allow-Headers": "Authorization",
                   "Authorization" : "Basic REJBOm5vcGFzc3dvcmRwZW9wbGVhZG1pbmNoYW5nZWRpdA=="
                 },
    contentType: "multipart/form-data",
    data:  {

   "no": "201917"   
      },
    dataType: "json",

   success: (resp) => { json = resp;},
    error: (xhr, status, error) => {console.log(error);}
});

3.webservice log error:

[09/02/2020:01:50:12.645 0800] - 0.001 - 67.220.22.30:55071 - 8098 - "OPTIONS /testc3?no=201917 HTTP/1.1" - 401 Authorization Required   - 250 - 
--> Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,authorization    
--> Access-Control-Request-Method: GET
--> Accept: */*
--> Host: 67.220.91.30:8098
--> Origin: http://localhost:50680
--> Accept-Language: en-US,en;q=0.9
--> User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
--> @HttpQueryString: no=201917
--> Accept-Encoding: gzip, deflate
--> Connection: keep-alive

<-- Connection: close
<-- Expires: Sat, 08 Feb 2020 17:50:12 GMT
<-- WWW-Authenticate: Basic realm="gm"
<-- Content-Type: text/html; charset=ISO-8859-1
<-- Date: Sat, 08 Feb 2020 17:50:12 GMT
<-- Server: SQLAnywhere/17.0.10.5963

4. If i don't enable security verification and delete the header in ajax then there will be no problem!

CREATE SERVICE "testc3"
        TYPE 'JSON'
        AUTHORIZATION off
       methods '*,OPTIONS'
        SECURE OFF
        USER DBA
        AS call "z_get_no"(:no);

asked 08 Feb, 13:29

mfkpie8's gravatar image

mfkpie8
158465259
accept rate: 14%

edited 10 Feb, 07:10

So what is your question?

(10 Feb, 03:54) Volker Barth

When WEB service AUTHORIZATION is on, use ajax http to display 401 unauthorized, this ajax code does not know how to write the http header

(10 Feb, 07:09) mfkpie8
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×52

question asked: 08 Feb, 13:29

question was seen: 90 times

last updated: 10 Feb, 07:10