使用基本身份验证调用web api始终从IIS中获取401未授权

时间:2016-08-08 21:17:00

标签: c# asp.net-web-api asp.net-web-api2 basic-authentication

今晚我来寻求一些关于如何调用IIS中托管的web api的帮助。

一切运作良好 在本地从visual studio到iis express。但奇怪的是,在我的IIS服务器上发布之后。我总是得到401未经授权:'(

以下是我使用的代码和IIS服务器中的设置。如果有人可以帮助我,我将非常感激。 谢谢

**

我尝试呼叫的控制器和功能(具有基本认证属性)

** 

    [HttpGet]
    [ActionName("Get_UserID")]
    [IdentityBasicAuthentication]
    [Authorize]
    public HttpResponseMessage Get_UserID(string userName)
    {
        HttpResponseMessage res = new HttpResponseMessage(HttpStatusCode.Created);
        try
        {
            var user = Membership.GetUser(userName, false);
            if (user != null)
            {
                res = Request.CreateResponse(HttpStatusCode.OK, (Guid)user.ProviderUserKey);
            }
            else
            {
                res = Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                res.Content = new StringContent("Error");
                res.ReasonPhrase = "UserName not find in the database";
            }
        }
        catch (Exception exc)
        {
            //Set the response message as an exception
            res = Request.CreateResponse(HttpStatusCode.InternalServerError);
            res.Content = new StringContent("Exception");
            res.ReasonPhrase = exc.Message;
        }
        return res;
    }

**

客户端 - 我如何调用web api并构建我的httpClient

** 

    public static async Task<HttpResponseMessage> RequestStart(string requestUrl, string webApiUrlBase = Globals.WebApi_Url, bool IsAuthenticateMemberRequest = false)
    {
        if (webApiUrlBase == null)
        {
            webApiUrlBase = Globals.WebApi_Url;
        }
        var response = new HttpResponseMessage(HttpStatusCode.Created);

        using (var client = new HttpClient())
        {
            if (IsAuthenticateMemberRequest)
            {
                string strToEncode = ApplicationData.Current.LocalSettings.Values["userName"].ToString() + ":" + ApplicationData.Current.LocalSettings.Values["password"].ToString();
                var authenticationBytes = Encoding.ASCII.GetBytes(strToEncode);

                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
                Convert.ToBase64String(authenticationBytes));
            }
            client.BaseAddress = new Uri(Globals.WebApi_Url);
            client.DefaultRequestHeaders.Accept.Clear();
            client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            response = await client.GetAsync(requestUrl);
        }

        return response;
    }

**

IIS配置(appPool =&gt; NetworkServices - 集成)

** enter image description here

**

Fiddler Debug

** enter image description here

1 个答案:

答案 0 :(得分:6)

最后经过多次搜索,很多人都是我自己。我找到了解决方案。我们永远不应该启用基本认证.... 我知道它很奇怪^^但是如果你想使用你的自定义基本身份验证。只需禁用IIS上的基本身份验证,一切顺利。

相关问题
最新问题