一个MapHttpRoute上带有IIS8.5的Web API 2错误401.0

Question

I'm making an Web API 2.

Debugging on my local machine works fine. VS 2013 + IIS 8.0
The server is running Windows 2012 R2 + IIS 8.5 + Plesk v12

All my routes works fine when I debug it on my local machine.
I'm using Postman and Fiddler to check everything on the API.
I've got one excepting when I deploy it to the server and I send a PUT request to route http://example.net/service/Member/Profile/9
I get the following error:

HTTP Error 401.0 - Unauthorized You do not have permission to view this directory or page.

Most likely causes: The authenticated user does not have access to a resource needed to process the request.

Module: WebDAVModule

Notification: ExecuteRequestHandler

Handler: WebDAVStaticMapping

Error Code: 0x80070005

Requested URL: http://example.org/service/Member/Profile/5

Physical Path:C:\\Inetpub\\vhosts\\example.org\\httpdocs\\service\\Member\\Profile\\5

Logon Method: Anonymous

Logon User: Anonymous

I checked the configuration on IIS and it's looking fine I think. The anonymous authentication is active and the other authentication methods are deactivated. The ApplicationPoolIdentity is selected.

Code Behind the Web API 2

The route is mapped like this:

config.Routes.MapHttpRoute(
            name: "EditMember",
            routeTemplate: "service/Member/Profile/{id}",
            defaults: new { controller = "Members", action = "Update", id = RouteParameter.Optional },
            constraints: null
        );

It will run this code in the controller:

// PUT: service/Member/5
[ActionName("Update")]
[ResponseType(typeof(void))]
public async Task<IHttpActionResult> PutMembers(int id, MemberUpdate member)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }
    IEnumerable<Members> memberSearchExist = from search in db.MembersSet
                                             where search.Id == id 
                                             select search;
    if (!memberSearchExist.Any())
    {
        return Conflict();
    }
    try
    {
        Members memberChanged = memberSearchExist.FirstOrDefault();
        memberChanged.Firstname = member.Firstname;
        memberChanged.Lastname = member.Lastname;
        memberChanged.DateOfBirth = member.DateOfBirth;
        memberChanged.Email = member.Email;

        db.Entry(memberChanged).State = System.Data.Entity.EntityState.Modified;

        await db.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        if (!MembersExists(id))
        {
            return NotFound();
        }
        else
        {
            throw;
        }
    }
    return StatusCode(HttpStatusCode.NoContent);
}

I'm using CORS and it's working fine for all the other things.

var corsAttr = new EnableCorsAttribute("http://app.example.org, http://localhost:14844", "*", "*");
config.EnableCors(corsAttr);

Could someone help me please?

Thanks in advance!

Answer 1

The first problem is the WebDav Module. The module is blocking the PUT and DELETE methods. You can resolve this by uninstall it. Here can you find how to do this: https://betimdrenica.wordpress.com/2013/02/05/web-api-on-iis-8-0-405-method-not-allowed-for-put/

The second problem was an HTTP Error 404.0 - Not Found, MapRequestHandler I found this solution: https://stackoverflow.com/a/5677618/2660428 on SO And I followed this step to install Server Side Includes http://www.iis.net/configreference/system.webserver/serversideinclude

The last problem was that I could only

var corsAttr = new EnableCorsAttribute("http://app.example.org", "*", "*");
config.EnableCors(corsAttr);

Now everything is working fine.