如何为基本身份验证发送正确的授权标头

本文介绍了如何为基本身份验证发送正确的授权标头的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

限时送ChatGPT账号..

我正在尝试从我的 API POST 数据，但我无法通过基本身份验证.

I am trying to POST data from my API but I can't pass the basic authentication.

我尝试:

$.ajax({
  type: 'POST',
  url: http://theappurl/api/v1/method/,
  data: {},
  crossDomain: true,
  beforeSend: function(xhr) {
    xhr.setRequestHeader('Authorization', 'Basic [REDACTED]');
  }
});

我的服务器配置响应是:

My server configuration response is:

response["Access-Control-Allow-Origin"] = "*"
response["Access-Control-Allow-Methods"] = "POST"
response["Access-Control-Max-Age"] = "1000"
response["Access-Control-Allow-Headers"] = "*"

我得到的标题是:

请求标头

OPTIONS /api/v1/token-auth/ HTTP/1.1
Host: theappurl
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31
Access-Control-Request-Headers: origin, authorization, content-type
Accept: */*
Referer: http://127.0.0.1:8080/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

响应头

HTTP/1.1 401 Unauthorized
Server: nginx/1.1.19
Date: Fri, 16 Aug 2013 01:29:21 GMT
Content-Type: text/html
Content-Length: 597
Connection: keep-alive
WWW-Authenticate: Basic realm="Restricted"

我想服务器配置很好，因为我可以从 高级 REST 客户端(Chrome 扩展程序)

I guess the server configuration is good because I can access to API from the Advanced REST Client (Chrome Extension)

有什么建议吗?

PD:我从高级 REST 客户端获得的标头是:

PD: The header that I get from Advanced REST client is:

    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31
    Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo
    Authorization: Basic [REDACTED]
    Content-Type: application/x-www-form-urlencoded 
    Accept: */*
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: es,en;q=0.8
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

和

    Server: nginx/1.1.19 
    Date: Fri, 16 Aug 2013 01:07:18 GMT 
    Content-Type: application/json; charset=utf-8 
    Transfer-Encoding: chunked 
    Connection: keep-alive
    Vary: Accept, Cookie 
    Allow: POST, OPTIONS 
    X-Robots-Tag: noindex

发送OPTION方法

推荐答案

您可以将用户和密码作为 URL 的一部分:

You can include the user and password as part of the URL:

http://user:passwd@www.server/index.html

查看此网址，了解更多信息

see this URL, for more

在 URL 和加密中传递的 HTTP 基本身份验证凭据

当然，你需要用户名密码，它不是'Basic hashstring.

of course, you'll need the username password, it's not 'Basic hashstring.

希望这有帮助...

这篇关于如何为基本身份验证发送正确的授权标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！