Javascript 使用asp.net和iis在geoserver中进行身份验证

我不知道这是否是一个愚蠢的问题，但我如何才能将asp.net身份验证与openlayers“结合”起来

我在openlayers（在c#，服务器端）中创建了一个登录页面进行身份验证，这是我的代码

Uri uri = new Uri("http://"+username+":"+password+"@localhost:1979/geoserver/wms");
        if (uri.Scheme == Uri.UriSchemeHttp)
        {
            HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
            request.Method = WebRequestMethods.Http.Post;

            HttpWebResponse response = (HttpWebResponse)request.GetResponse();
            StreamReader reader = new StreamReader(response.GetResponseStream()); string tmp = reader.ReadToEnd();
            response.Close();
            Response.Write(tmp);
        }

我不知道这是否是解决我的问题的正确方法，不管怎样，如果我达到了我的目标（在geoserver中使用用户名和密码进行身份验证），我如何将此身份验证与openlayers结合起来，openlayers位于用户端（javascript）

---

提前感谢

要从javascript端向geoserver进行身份验证，您必须向geoserver自动验证servlet发送帖子（j_spring_security_check）。请尝试使用此登录功能：

     function login (options) {
    // url del servlet del geoserver
    var url = options.server + "/geoserver/j_spring_security_check";
    // parametros para el login
    params = "username=" + options["user"] + "&password="
                + options["password"];

    var contentType = "application/x-www-form-urlencoded";
    //se inicializa la petición ajax
    var ajax = $.ajax({
        data : params,
        type : "POST",
        contentType : contentType,
        url : url
    });
    // se ejecuta cuando la peticion finaliza
    ajax.done(function() {

        if ($.cookie("JSESSIONID") != null && options && options.success) {
            options.success();
        }
    });
    // si ocurrio un error al realizar la peticion
    ajax.fail(function(data) {
        if (options && options.failure) {
            options.failure(data);
        }
    });
    // se ejecuta siempre al final de la petición, sin importar que esta
    // haya fallado
    ajax.always(function() {
        if (options && options.always) {
            options.always();
        }
    });
};

用这种方法

 login({
    user:"admin" //geoserver user
    password: "adminPassword", 
    server : "http://192.168.10.1:8080", //geoserver host
    success : function(){
        alert("Login OK!");
    },
    failure : function(){
        alert("Login fail!");
    }
});

---

由于某些原因，GeoServer无法正确处理2.7之后的身份验证传递。因此，我添加了一种从服务器上的page方法登录并将auth cookie保存在会话变量中的方法。虽然不漂亮，但很管用

            'Post a login request to GS.
        Dim myCookies As String = ""
        Dim Method As String = "POST"

        Dim HttpWRequest As System.Net.HttpWebRequest = CType(WebRequest.Create("https://" & GSServer & "/geoserver/j_spring_security_check"), HttpWebRequest)

        Dim PostData As String = "username=" + UID + "&password=" + PWD
        HttpWRequest.KeepAlive = False
        HttpWRequest.Headers.Set("Pragma", "no-cache")
        'HttpWRequest.Headers.Set("Translate", "f")
        HttpWRequest.ContentType = "text/xml"
        HttpWRequest.ContentLength = PostData.Length

        'This is important, otherwise j_spring security check does an immediate redirect, and the cookie is lost.
        HttpWRequest.AllowAutoRedirect = False

        If String.IsNullOrEmpty(UID) = False Then
            HttpWRequest.Credentials = New NetworkCredential(UID, PWD)
        End If

        If String.IsNullOrEmpty(myCookies) = False Then
            HttpWRequest.Headers("Cookie") = myCookies
        End If

        'Set the request timeout to 5 minutes.
        HttpWRequest.Timeout = 300000
        ' set the request method
        HttpWRequest.Method = Method

        If Method = "POST" Or Method = "PUT" Then
            ' Store the data in a byte array.
            Dim ByteQuery() As Byte = System.Text.Encoding.ASCII.GetBytes(PostData)
            HttpWRequest.ContentLength = ByteQuery.Length
            Dim QueryStream As Stream = Nothing
            Try
                QueryStream = HttpWRequest.GetRequestStream()
            Catch e As Exception
                'WriteToLog(e.Message)
                Throw New ArgumentException("Couldn't log into GeoServer.")
            End Try
            ' Write the data to be posted to the Request stream.
            QueryStream.Write(ByteQuery, 0, ByteQuery.Length)
            QueryStream.Close()
        End If

        ' Send the request and get a response.

        Dim HttpWResponse As HttpWebResponse
        Try
            HttpWResponse = HttpWRequest.GetResponse()
        Catch e As Exception
            'WriteToLog(e.Message)
            Throw New ArgumentException("Couldn't log into GeoServer.")
        End Try

        ' Get the Response stream.
        Dim strm As Stream = HttpWResponse.GetResponseStream()

        ' Read the Response stream.
        Dim sr As StreamReader = New StreamReader(strm)
        Dim sText As String = sr.ReadToEnd()



        ' Close the stream.
        strm.Close()

        myCookies = HttpWResponse.GetResponseHeader("Set-Cookie")
        HttpContext.Current.Session("GeoServerSessionID") = myCookies
        ' Clean up.
        HttpWRequest = Nothing
        HttpWResponse = Nothing

        If sText.Contains("Invalid username/password combination") Or String.IsNullOrEmpty(myCookies) Then
            Throw New ArgumentException("Couldn't log into GeoServer.")
        End If

---

这会为我的Geoserver登录页面提供302重定向-有什么想法吗？进一步说明-当您发送此请求时，无论您的凭据是否正确，它都会返回HTTP 302。然后，您需要使用JSESSION cookie ping一个受限页面，并查看是否获得HTTP 401来验证凭据。