使用 Javascript 验证 Windows 身份验证
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6748050/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Authenticate Windows Authentication using Javascript
提问by Sency
I have to transfer my client from one website to another website. This happens in client side. In this 2nd website, its using windows basic authentication system. So It popups the login window. I need to omit this Popup window and authenticate my client on 2nd website using javascript and then redirect him to 2nd website. There is no security issue even I put credentials in javascript file since this whole system is running in Intranet. So How to authenticate client on 2nd website ?
我必须将我的客户从一个网站转移到另一个网站。这发生在客户端。在这第二个网站中,它使用 Windows 基本身份验证系统。所以它弹出登录窗口。我需要省略这个弹出窗口并使用 javascript 在第二个网站上验证我的客户端,然后将他重定向到第二个网站。由于整个系统都在 Intranet 中运行,因此即使我将凭据放在 javascript 文件中也没有安全问题。那么如何在第二个网站上验证客户端?
I found this thread How can I pass windows authentication to webservice using jQuery?
我找到了这个线程 How can I pass windows authentication to webservice using jQuery?
But it does not work. When I look the request header of 2nd url, It does not contain the Authorization tag.
但它不起作用。当我查看第二个 url 的请求标头时,它不包含 Authorization 标签。
回答by William Niu
If it is basic authentication and you don't mind exposing the credential, why don't you simply insert username and password into the URL? For example:
如果它是基本身份验证并且您不介意公开凭据,为什么不简单地将用户名和密码插入 URL 中?例如:
But if you have control over the Web server, you really should disable authentication for intranet connections.
但是,如果您可以控制 Web 服务器,则确实应该禁用对 Intranet 连接的身份验证。
回答by Lars
If it is a Windows based intranet, I would not hassle with Javascript, but use the default NTLM-Authentication, as described in this thread. That way, you can provide a single-sign-on for any number of sites with the normal username and password of the users of your network. To quote my answer from the other thread:
如果它是基于 Windows 的 Intranet,我不会使用 Javascript,而是使用默认的 NTLM-Authentication,如本线程中所述。这样,您可以使用网络用户的普通用户名和密码为任意数量的站点提供单点登录。引用我在另一个帖子中的回答:
It actually is possible with NTLM authentication. You need the AuthenNTLM-plugin, which will authenticate a user using the Internet Explorer. An example syntax would be
NTLM 身份验证实际上是可能的。您需要AuthenNTLM-plugin,它将使用 Internet Explorer 对用户进行身份验证。一个示例语法是
<Location />
PerlAuthenHandler Apache::AuthenNTLM
AuthType ntlm,basic
AuthName test
require valid-user
# domain pdc bdc
PerlAddVar ntdomain "name_domain1 name_of_pdc1"
PerlAddVar ntdomain "other_domain pdc_for_domain bdc_for_domain"
PerlSetVar defaultdomain wingr1
PerlSetVar ntlmdebug 1
</Location>
## taken from the documentation
Please refer to the module documentationfor more options and specific instructions on the setup - the above should get you started in the right direction.
有关设置的更多选项和具体说明,请参阅模块文档- 以上应该可以帮助您朝着正确的方向开始。
On the client side, Internet Explorer and Firefox should be able to login automatically after some configuration (Firefox needing a bit of special care- which may be achieved by setting the configuration variables during deployment).
在客户端,Internet Explorer 和 Firefox 应该能够在进行一些配置后自动登录(Firefox 需要特别注意- 这可以通过在部署期间设置配置变量来实现)。
回答by cwallenpoole
If this is Windows Authentication, then the response won't be prompting the client for credentials, the browser will be attempting to pass the credentials itself already. It does not quite work the way HTTP does -- you actually need to configure the browser itselfto to have it send the authorization based on Windows credentials.
如果这是 Windows 身份验证,则响应不会提示客户端输入凭据,浏览器将尝试传递凭据本身。它不像 HTTP 那样工作——您实际上需要配置浏览器本身,让它根据 Windows 凭据发送授权。
It does not appear that there is a simple JS solution to this at all.
似乎根本没有简单的 JS 解决方案。
