asp.net MVC 4 + WebAPI hosted in IIS 7.5 with windows authentication gives 401 unauthorized error

0
votes

I've hosted asp.net MVC 4 + WebAPI in IIS 7.5 with windows authentication. When I call the WebAPI from MVC4 view, it gives me 401 unauthorized error. But it works perfectly fine from my localhost.

I've set the principal in both the places (Thread.CurrentPrincipal & HttpContext.Current.User) from my AuthenticationModule class.

I tried with System.Web.HTTP AuthorizeAttribute.

When I debug with Jquery console, i could see the context principal is null.

Let me know the following.

  1. IIS hosting configuration?
  2. How to design the WebAPI authenticate/authorize calls from views?
2
asp.net-mvc-4asp.net-web-api
Have you actually installed the Windows Authentication role service for IIS 7.5? The default installation does not include the Windows authentication role service. See here: iis.net/configreference/system.webserver/security/…Myles J

2 Answers

0
votes
Could you show me how are you calling the web api? If you are calling it with an
httpclient you should provide a handler. I show you below:

        var handler = new HttpClientHandler()
        {
            UseDefaultCredentials = true
        };

        var client = new HttpClient(handler);
0
votes

Something wrong in my handler registration; I forgot to add it under system.webServer;

Actual configuration: 

<configuration>
            <system.web>
                <httpModules>
                    <add .........../>
                </httpModules>
            </system.web>
        </configuration

Added configuration: 

<configuration>
    <system.webServer>
        <modules runAllManagedModulesForAllRequests="true">
            <add .........../>
        </modules>
    </system.webServer>
</configuration