How to make axios negotiate requests?

N

nurzhannogerbek2019-04-13 12:22:39

go

nurzhannogerbek, 2019-04-13 12:22:39

Hello! Please help me figure it out.
In general, the situation is as follows. From the client application (Vue.js), an axios (ajax) request is made to the URL of the backend application (Golang), which interacts with Kerberos for SSO (single sign-on) authorization. When accessing the URL address, you need to return information about the employee.
When physically accessing this URL through a browser, it turns out to pull out information about the employee. When accessed through the client application, it returns HTTP 401 Unauthorized Negotiate.
The client application itself stated the following:

axios.get(
    url,
    { 
        withCredentials: true
    }
)

CORS was configured in the backend application:

headers := handlers.AllowedHeaders([]string{"X-Requested-With", "Content-Type", "Authorization"})
methods := handlers.AllowedMethods([]string{"GET", "POST", "PATCH", "PUT", "DELETE", "OPTIONS"})
origins := handlers.AllowedOrigins([]string{"*"})
credentials := handlers.AllowCredentials() // true

As far as I understand, the browser collects and generates method data from the employee's machine itself, while the mechanism for axios request does not provide for this and is slightly different.
What to do in the current situation?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alex, 2019-04-13
@Kozack Vue.js

Just compare what headers are sent in direct access and programmatic access.