When ajax is accessed asynchronously across domains, due to the protection mechanism of the browser, the jsessionId set by the cookie cannot be saved, and the sessionid is repeatedly generated in the next ajax request, resulting in repeated login requirements.
problem solved:
java side:
response.setContentType("textml;charset=UTF-8");
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "0");
response.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("XDomainRequestAllowed","1");
ajax front end:
In the ajax request is to add the corresponding things
$.ajax({
url:url,
// add this sentence
xhrFields: {
withCredentials: true
},
crossDomain: true,
success:function(result){
alert("test");
},
error:function(){
}
});
Reference from: http://www.cnblogs.com/renhaisong/p/6892341.html