AuthorizeAttribute works for MVC Controller but doesn't for ApiController
Question
I'm relatively new to MVC and WebAPI, so perhaps I'm doing some stupid thinks.
I'm starting my MVC + WebAPI project. I have just configured authentication, but faced a problem: [Authorize] attribute works correctly for MVC controllers and does not for API (returns always 401 error).
I need some special configurations for API? I'm using default ApplicationSignInManager (I mean one from startup project tempalte).
I have removed my Authorize attribute and I can see that in actions of MVC contoller User.Identity contains my signed in user, but API controller doens know nothing about it.
1 answers
solution1
3 2016-02-22 07:47:41
I've figured out what is going on. In the default project template I have WebApiConfig class with following lines:
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
These lines separates ApiContoller from other app. So removing them was fixed my issue.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.