I have a basic web API application that is trying to support IntegratedWindowsAuthentication and Anonymous. Sample code below
using (WebApp.Start("http://localhost:8080/", (app) =>
{
HttpConfiguration config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
config.EnsureInitialized();
HttpListener listener = (HttpListener)app.Properties["System.Net.HttpListener"];
listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication | AuthenticationSchemes.Anonymous;
app.UseWebApi(config);
}))
public class TestController : ApiController
{
[Authorize]
[Route("Secret")]
public int Get()
{
return 42;
}
[Route("Public")]
public int GetNoSecurity()
{
return 42;
}
}
~ / Secret is expected to require credentials and ~ / Public doesnt.
Everything works fine with Fiddler, but not with the browser. Pressing ~ / Secret from chrome / IE does not pop up in the credential message box.
source
share