
401 Unauthorized error when making an AJAX call to an ASP.NET Web API endpoint with Windows authentication enabled

I created a simple ASP.NET Web API application. I enabled CORS on it using the Microsoft.AspNet.WebApi.Cors package.

This is how my controller looks:

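using System.Dynamic;
using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http;
using Newtonsoft.Json;

public class UserController : ApiController
{
    [Route("user/name")]
    [HttpGet]
    public HttpResponseMessage GetUserName()
    {
        // Name of the identity that IIS authenticated for this request
        dynamic data = new ExpandoObject();
        data.user = HttpContext.Current.User.Identity.Name;
        var response = JsonConvert.SerializeObject(data);

        var msg = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent(response)
        };

        return msg;
    }
}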

I am only returning the userid from this controller.

I have hosted the app on IIS 8.5. I have disabled anonymous authentication and enabled Windows authentication.

If I use a REST client or directly access the endpoint by entering the URL in a browser, I get the user name. If I use a REST client, I get the response, but if I make an AJAX call using jQuery, I get a 401 status code.

$.ajax({
    url: 'http://serverName:8899/user/name',
    method: 'GET',
    success: function (res) {
        alert('hello');
    }
});

The above call works in IE only; Chrome gives a 401 error.

How can I fix this error? I am enabling Windows authentication using IIS and I have not changed my web.config at all. If this is an authentication issue, why am I able to retrieve data when I use a REST client?

Make sure you also register CORS support, either globally, at the controller, or at the action.

Global - In your WebApiConfig.cs file in the App_Start folder, add:

public static void Register(HttpConfiguration config)
{
    // New code:
    var cors = new EnableCorsAttribute(origins: "*", headers: "*", methods: "*");
    config.EnableCors(cors);

    // Other configurations
}

Controller or Action - If desired/required to place support at these levels (this will overwrite global settings - Action > Controller > Config). Above the Controller or Action signature:

[EnableCors(origins: "http://localhost:[port #]", headers: "*", methods: "*")]

Note: * are "wildcards"; you might want to put the domain making the request, e.g. (http://localhost:[port #])

Something that is very easy to miss/forget...

In Solution Explorer, right-click the API project. In the Properties window, set 'Anonymous Authentication' to Enabled!!!
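
The following JavaScript sketch is an added example, not code from the question or its answers. It models, under simplified assumptions, how a browser applies the Fetch standard's CORS check to the cross-origin call discussed above, and goes slightly beyond the question by also covering preflighted requests; `serverRespond`, the policy fields and the origin `http://localhost:4200` are hypothetical names and constructed values.

```javascript
// Added example, not from the thread: simplified model, all values constructed.
// CORS check from the Fetch standard, applied to a response's headers.
function corsCheck(req, headers) {
  const allow = headers['access-control-allow-origin'];
  if (allow === undefined) return 'blocked: no Access-Control-Allow-Origin';
  if (allow === '*') {
    return req.withCredentials ? 'blocked: wildcard origin with credentials' : 'ok';
  }
  if (allow !== req.origin) return 'blocked: origin not allowed';
  if (req.withCredentials && headers['access-control-allow-credentials'] !== 'true') {
    return 'blocked: Access-Control-Allow-Credentials is not "true"';
  }
  return 'ok';
}

// Assumed server model: with anonymous authentication disabled, IIS answers an
// unauthenticated request with 401 before the CORS layer adds any headers.
function serverRespond(server, req, credentialsSent) {
  if (!server.anonymousAuth && !credentialsSent) return { status: 401, headers: {} };
  const headers = {};
  if (server.allowedOrigins.includes(req.origin)) {
    headers['access-control-allow-origin'] = req.origin;
    if (server.supportsCredentials) headers['access-control-allow-credentials'] = 'true';
  } else if (server.allowedOrigins.includes('*')) {
    headers['access-control-allow-origin'] = '*';
  }
  return { status: 200, headers };
}

// What the calling script observes for a cross-origin request.
function browserOutcome(server, req) {
  if (req.preflight) {
    // A preflight OPTIONS request never carries credentials.
    const pre = serverRespond(server, req, false);
    if (pre.status < 200 || pre.status > 299) return `blocked: preflight got ${pre.status}`;
    const preCheck = corsCheck(req, pre.headers);
    if (preCheck !== 'ok') return preCheck;
  }
  // Cross-origin XHR sends credentials only when withCredentials is true.
  const res = serverRespond(server, req, req.withCredentials);
  const check = corsCheck(req, res.headers);
  return check === 'ok' ? `status ${res.status}` : `${check} (status ${res.status})`;
}

// Constructed scenario: the question's setup (wildcard policy, no credentials).
const ORIGIN = 'http://localhost:4200';
const asAsked = { anonymousAuth: false, allowedOrigins: ['*'], supportsCredentials: false };
console.log(browserOutcome(asAsked, { origin: ORIGIN, withCredentials: false }));
```

In this model, a credentialed call (`xhrFields: { withCredentials: true }` in jQuery) against a policy that names the calling origin and sets `SupportsCredentials = true` returns `status 200`. Enabling Anonymous Authentication lets a preflight through, but the endpoint then needs its own authorization check, such as `[Authorize]`, because IIS no longer rejects unauthenticated requests.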
