Jquery 对MVC WebApi Web服务的跨域Ajax调用不包括凭据cookie
我在SharePoint.mysite.com上有一个SharePoint网站,我已将其设置为通过ThinkTecture Identity Server进行身份验证。我能够成功登录此站点 我在webservice.mysite.com上设置了一个MVC WebApi web服务,该服务还配置为通过ThinkTecture Identity Server进行身份验证 在我的一个sharepoint页面上,我对WebApi web服务进行了JQuery AJAX调用。我已将crossDomain设置为true,并将withCredentials设置为true。选项飞行前请求成功返回,但cookie未与实际请求一起传递Jquery 对MVC WebApi Web服务的跨域Ajax调用不包括凭据cookie,jquery,asp.net-mvc,asp.net-web-api,cors,Jquery,Asp.net Mvc,Asp.net Web Api,Cors,我在SharePoint.mysite.com上有一个SharePoint网站,我已将其设置为通过ThinkTecture Identity Server进行身份验证。我能够成功登录此站点 我在webservice.mysite.com上设置了一个MVC WebApi web服务,该服务还配置为通过ThinkTecture Identity Server进行身份验证 在我的一个sharepoint页面上,我对WebApi web服务进行了JQuery AJAX调用。我已将crossDomain设
$.ajax({
type: "GET",
contentType: "application/json; charset=utf-8",
url: "http://webservice.mysite.com/api/[controller]/[method]",
crossDomain: true,
xhrFields: {
withCredentials: true
},
data: {},
datatype: "json",
success: getDataSuccess,
error: getDataError
});
HTTP/1.1 200 OK
Via: 1.1 ISIS
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
Content-Length: 0
Expires: -1
Date: Fri, 16 May 2014 13:17:28 GMT
Server: Microsoft-IIS/8.5
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Allow-Origin: http://sharepoint.mysite.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: accept, content-type
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
GET http://webservice.mysite.com/api/[controller]/[method] HTTP/1.1
Host: sharepoint.mysite.com
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
Origin: http://sharepoint.mysite.com
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: http://sharepoint.mysite.com/page
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Via: 1.1 ISIS
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
Content-Length: 0
Expires: -1
Date: Fri, 16 May 2014 13:17:28 GMT
Server: Microsoft-IIS/8.5
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Allow-Origin: http://sharepoint.mysite.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: accept, content-type
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
GET http://webservice.mysite.com/api/[controller]/[method] HTTP/1.1
Host: sharepoint.mysite.com
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
Origin: http://sharepoint.mysite.com
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: http://sharepoint.mysite.com/page
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 401 Unauthorized
Via: 1.1 ISIS
Connection: Keep-Alive
Proxy-Support: Session-Based-Authentication
Connection: Proxy-Support
Content-Length: 61
Expires: -1
Date: Fri, 16 May 2014 13:29:53 GMT
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/8.5
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Allow-Origin: http://sharepoint.mysite.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
{"Message":"Authorization has been denied for this request."}