Authenticate a Cross-Domain Request from Javascript
Question
I'm trying to build a public-facing webservice (WCF/Rest) that implements basic authentication. The problem I'm running into is that in order for the webservice to be accessible, it has to allow for scripting from other domains. In order to do this, the end user will have to make use of JSONP to get the resonse and JSONP requests do not allow for additional headers (such as the basic authentication header).
I need to be able to support IE8-10, Firefox, and Chrome with this solution.
I've tried changing the url to:
http://username:password@Service/Endpoint/Method
but to no avail in IE10.
Also I used the suggestion from this post:
http://kevinkuchta.com/_site/2012/01/basic-authentication-with-jsonp/
but it looks like that doesn't cut it in IE10 either.
1 answers
solution1
0 2013-04-30 14:30:06
Here is an example of implementing HTTP auth with JSONP.
It assumes your server will track that the user is authenticated using a cookie. You put the basic auth credentials on a image request, the do the JSONP after you are authenticated.
Alternatively, you can pass querystring parameters with the auth details. Those would work with JSONP. However this clearly is not basic HTTP auth as you requested.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.