All geek questions in one place

401 Unauthorized authentication of web api-mvc errors

I get 401 unauthorized error. My web service is written in mvc. in IIS configured to use Windows authentication. Below is a snapshot of a violinist enter image description here

When I click the URL from the browser, it gives me a popup for entering the username and password. How can I avoid the popup?

I call this web api from another window.

+4
source share
5 answers

I added below lines in the web config to fix the problem and it worked.

<security> <authorization> <add accessType="Allow" users="*" /> </authorization> </security>
-one
source

If you are using WebClient, you need to install the Credientials. How do you call web api from windows service?

+3
source

I suspect that two web services may be hosted on the same server. In this case, the problem may be caused by checking the loopback. To check, try accessing the service without using the fully qualified domain name and see if it works. If so, follow these steps to specify host names on the local computer.

Method 1: specify the host names (preferred method if NTLM authentication is required) ( http://support.microsoft.com/kb/896861 )

To specify hostnames that are mapped to a loopback address and can connect to websites on your computer, follow these steps:

  • Set the DisableStrictNameChecking registry value to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base: 281308 Connecting to SMB sharing on a computer running Windows 2000 or Windows A server 2003-based computer may not work alias name
  • Click "Start", select "Run," enter "regedit" and click "OK."
  • In the registry editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ LSA \ MSV1_0
  • Right-click MSV1_0, select New, and select Multiline Value.
  • Type BackConnectionHostNames and press Enter.
  • Right-click BackConnectionHostNames and select Modify.
  • In the Value field, enter the host name or host names for sites located on the local computer, and click OK.
  • Quit Registry Editor and restart the IISAdmin service.

http://blogs.4ward.it/impersonation-issues-401-error-mvc-and-web-api-4-5/

** Edited to be in the form of a response and include detailed steps from the links

+3
source

You can specify a username and password as part of the URL:

 http://username: password@www.example.com /foo/bar/baz

Note. Just because you can doesn’t mean what you need. Although this may be a temporary solution for checking things, I would not suggest doing this in production. And in the old days, that's exactly what we did. But, as @DiskJunky notes, β€œURLs are easily visible to almost anyone or anyone,” which includes your browser history, server logs, and possibly worse.

+1
source

My 2 cents: I came across a script when we were puzzled by HTTP 401 when requesting an image when deploying a web application. We use WiX as our packaging and installation solution. In this particular case, the image was not packaged by the installer, and therefore the path did not exist on the deployed instance.

One may wonder why this meant 401 , when 404 was expected (not found) - I understand that since our path was not directly under the root but something like root / content / images / image.png, and I made an anonymous request, I received 401 (unauthorized) since I did not have access to browse the directory. I confirmed this by adding an authorization header to my request, and then, as expected, I got 404 .

+1
source

Source: https://habr.com/ru/post/1495765/

More articles:


All Articles