如何使用Ext.Ajax登录spring security？

public class CorsFilter extends OncePerRequestFilter {

    private static final String ORIGIN = "Origin";


    @Override
    protected void doFilterInternal(HttpServletRequest request,HttpServletResponse response,FilterChain filterChain)
        throws ServletException,IOException {

        response.addHeader("Access-Control-Allow-Origin","*");
        response.setHeader("Access-Control-Allow-Credentials","true");
        response.addHeader("Access-Control-Max-Age","10");

        String reqHead = request.getHeader("Access-Control-Request-Headers");

        if (!StringUtils.isEmpty(reqHead)) {
            response.addHeader("Access-Control-Allow-Headers",reqHead);
        }

        if (request.getMethod().equals("OPTIONS")) {
            try {
                response.getWriter().print("OK");
                response.getWriter().flush();
            } catch (IOException e) {
            e.printStackTrace();
            }
        } else{
            filterChain.doFilter(request,response);
        }
    }
 }

过滤配置：

<security:http use-expressions="true">
    ...
    <sec:custom-filter ref="CorsFilter" before="HEADERS_FILTER"/>
</security:http>

和豆：

<bean id="CorsFilter" class="..." />

我希望用户使用AJAX请求进行登录.我使用Advanced REST client和http requester测试ajax请求.扩展的结果如下：

Ext Ajax请求代码如下：

Ext.Ajax.request({
    url: "http://localhost/Calk/j_spring_security_check",//      params: {
//          "j_username": "ali",//          "j_password": "123456"
//      },params: "j_username=ali&j_password=123456",headers: {
        "Content-Type": "application/x-www-form-urlencoded"
    },method: "POST",success: function(){...},failure: function(){...}
});

当我发送请求时,它得到200 OK,我在客户端初始化应用程序,并发送一些请求来获取一些数据.但所有这些请求的服务器获得401 Unauthorized.

有什么问题？

重要更新：

登录请求如下：

服务器设置cookie作为响应,获取授权数据请求如下：

为什么？