English 中文(简体)
续会 Id on ajaxxml httprequest using jquery
原标题:Re-using jsessionId on ajax xmlhttprequest using jquery

• 我怎么能够发出“jquery ajax”(例如xml/httprequest)电话,以维护会议设计(例如,寄送已经在浏览器炉 co中的jsessionID co)。

www.un.org/Depts/DGACM/index_spanish.htm 我们的背景:

  • Two java based web applications
  • SSO mechanism logs User into both applications (i.e. has session 101 with application A and session 202 with application B)
  • Application "A" uses javascript (jquery) to make rest calls to the Application B
  • Application B implemented rest API in Java jersey (fwiw)
  • All GET s and "old-school form POSTS" from Application A to B connect to the same session #202 on "session B"
  • XmlHttpRequests (e.g. jquery ajax() calls) do not re-use session #202. Each XmlHttpRequest get a new session

www.un.org/Depts/DGACM/index_spanish.htm 为什么举行新会议?

其原因:XmlHttpRequest没有通过任何 co子来应用B. Servlet集装箱套在厨师中的垃圾。 服务器没有获得jsessionid

相比之下,JSONP电话(动态生成和提炼;字母弧=http://server/b/page.x”>do通过 co。

The questions

  • What s the easiest way to get ajax xmlhttprequest calls to pass session id (cookies) to the target application ?
  • Any good references on ajax, cookie, xmlhttprequest, and REST?
  • Can anyone recommend reading on REST API design and authentication?

Web Sessions, State, and Authentication

我知道,教育、科学和技术部本应是无国籍的,重新使用网络会议似乎有些脆弱(即,与使用奥乌特和认证标语一样,不像净立克)

This is the first iteration and we were close to getting things "up and running". This worked fine with JSONP, but XmlHttpRequest posts failed.

thanks in advance

<><>Update:

确实是一个棘手的问题。

由此可见,通过xmlhttprequest/ajax交叉站存在固有的安全问题和工作环境。 例如,如果你增加特别头盔,就不会通过XmlHttpRequest的 co。 那么,德国航天公司会向服务器进行飞行前检查(即:http://OPTIONS打上电话),看看看“这ok吗? 您的服务器需要回答“OPTIONS”电话,说“它 s......”,然后用 fire子做“职务”。

IE and Firefox solve these problem differently (i.e. a bit like javascript circa 1998). I don t konw what IE does, but having lived through 1998, we don t want to really go down that road if at all possible.

We coded a workaround.

None of our team knew this when we started coding. (i.e. "jsonp worked great in the prototype; everything else should also")

References: How Mozilla addresses this problem (http headers and preflight checks) https://developer.mozilla.org/En/HTTP_access_control

Cross Origin Resource Sharing: http://en.wikipedia.org/wiki/Cross-Origin_Resource_Sharing

问题回答

你们也可以通过部署国家代理人来解决这一问题。 d 必须在两处安装。 之后,你以会议为基础的电话将代表 calls笑,并将边远会议数据储存到你的地方代理会议。

时间:2012-09-20 23:34:23


上一篇:
下一篇:


相关问题
why the session in iis automatically log out?

I used iis6, and when i called a function Directory.delete(), the all the session relate this website will be logged out. and i debugged the website, i found no exception. any one have ideas on this ? ...

时间:2009-11-14 04:12:49 回答:2 展示:1
Check session from a view in CodeIgniter

What is the best way to check session from a view in CodeIgniter, it shows no way in their user guide, otherwise I will have to make two views on everything, which is kinda weird...still a newbie to ...

时间:2009-11-14 03:37:15 回答:2 展示:1
Can I get the size of a Session object in bytes in c#?

Is it possible to get the size(in bytes) of a Session object after storing something such as a datatable inside it? I want to get the size of a particular Session object, such as Session["table1"], ...

时间:2009-11-06 17:20:18 回答:4 展示:1
提供严格分类的出席会议物体

提供严格分类的与会机会的最佳方式是什么? 我正计划转而选择矩阵,这正在促使汇编者抱怨我的幻觉方案拟订方法......

时间:2009-11-06 17:14:32 回答:2 展示:1
PHP Session is not destroying after user logout

I m trying to create an authentication mechanism for my PHP Application and I m having difficulty destroying the session. I ve tried unsetting the authentication token which was previously set within ...

时间:2009-11-05 22:44:53 回答:5 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全