为什么它可以在 PhoneGap 中运行，而不能在 Java 中运行.PhoneGap 在 Web 容器中运行该应用程序，因此已经通过身份验证 - 您拥有所有正确的 cookie.AJAX 将共享同一个会话，一切都正常工作".

How come it works from the PhoneGap but not Java. PhoneGap runs the app in a web container and so already has been authenticated - and you have all the right cookies. AJAX will share the same session that and everything 'just works'.

然而，HTTPClient 是完全不同的 - 您正在启动一个全新的 HTTP 会话，并且一切都必须正确.

However HTTPClient is a completely different - you are initiating a brand new HTTP session and everything has to be right.

关于 HTTP 身份验证如何工作的一些评论:

A few comments on how HTTP Auth works:

有多种 HTTP 身份验证方法 - 由网络服务器选择.在继续之前，请检查您的 Drupal 配置以确定它是否是:

There are several HTTP authentication methods - and it's the web server that chooses which. Before going any further, check your Drupal configuration to work out whether it is:

• 基本身份验证(用户名和密码).每个人和他们的狗都支持这一点，但这是非常不安全的.请参阅http://en.wikipedia.org/wiki/Basic_access_authentication了解更多详情
• 摘要(用户名和质询/响应哈希与 MD5.这更安全，但更复杂.请注意，MD5 现在通常被认为是弱的.许多库都支持它，包括 Apache.请参阅 http://en.wikipedia.org/wiki/Digest_access_authentication 了解更多详情
• 在 IIS 上实现的 NTLM(Kerberos/SPEGNO 的变体).这通常不受 Java 支持，尽管 HTTPClient 确实声称支持 - 但使用不同的 Credentials 对象.参见 http://hc.apache.org/httpclient-3.x/authentication.html#NTLM

• Basic Auth (username and password). Everyone and their dog supports this, but it's very insecure. See http://en.wikipedia.org/wiki/Basic_access_authentication for more details
• Digest (username and challenge/response hash with MD5. This is more secure but much more complex. Note that MD5 is generally considered weak now. Many libraries support it, including Apache. See http://en.wikipedia.org/wiki/Digest_access_authentication for more details
• NTLM (a variant of Kerberos/SPEGNO) which is implemented on IIS. This is not generally supported from Java, although HTTPClient does profess to - but using a different Credentials object. See http://hc.apache.org/httpclient-3.x/authentication.html#NTLM

(还要注意，Web 容器具有智能"功能，可以根据服务器的要求尝试不同的身份验证方法，所有这些都在幕后进行)

(Note also that the web container has the 'smarts' to be able to try different authentication methods as requested by the server, all behind the scenes)

还要检查 Drupal 网络日志.几点说明:

Also check the Drupal web logs. A few pointers:

• 您是否看到了 HTTPClient 连接.并且是指向正确资源的 URL.总是值得从服务器的角度检查 ...
• 它是否转到了正确的服务器?可能出错的一个示例:您是否使用 IPURL 中针对多宿主 Web 服务器的地址，因此请求会转到错误的服务器?
• 先检查客户端发送的身份验证类型是否正确(基本、摘要、NTLM)

• Did you see the HTTPClient connect at all. And is the URL going to the correct resource. Always worth checking from the server's perspective...
• Did it go to the right server? One example of what could go wrong: Are you using IP addresses in the URL against a multi-homed web server, so the request goes to the wrong server?
• Check that the authentication sent by the client pre-emptively is the correct type (basic, digest, NTLM)

如果这有帮助，请告诉我.如果没有，您可以根据这篇文章提供更多详细信息，我可以跟进提供更多建议.

Let me know if this helps. If not, and you can give more details as per this post, I can follow up with more advice.