0

I am using the new MVC 4 Beta Web API. I want to add an [Authorize] attribute to the Get action in order to have the user authenticate themselves before getting data from the server. I am using fiddler to test the action, but it is redirecting me to the Login Url that is defined in the web.config. I am using [System.Web.Http.Authorize] to add the [Authorize] attribute.

Improve this question

2 Answers 2

Reset to default
1

The reason for this happening is because the Forms Authentication module hijacks the 401 HTTP status code returned by the Web API and redirects to the Login page. You may take a look at the following blog post in which Phil Haack talks about how to configure ASP.NET to prevent it from doing this for AJAX requests. You could slightly modify his code so that it does this for all requests, or only for requests for your Api controllers.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

after installing this solution through NuGet I was still sent to the Login Redirect Url, but instead of a 200 that shows the Login I was receiving an error saying it could not find the controller after the redirect.
0

To get it working in my API I just removed the authentication section from web.config and wrote (well converted from my WCF WebApi code) a message handler. I've put what I did in to a blog post.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.