locked
Reponse content is covered by IIS 401 error html page. RRS feed

  • Question

  • User-2021386652 posted

    I expand AuthorizationFilterAttribute, and set HttpResponseMessage as below code.

    Content = new StringContent(JsonConvert.SerializeObject(responseModel)),
    StatusCode = System.Net.HttpStatusCode.Unauthorized 

    But, when I check browser network, it does not show the specified respond, and shows IIS 401 page instead.

    It seems the IIS 401 page cover my  specified string by above code.

    So, what happened? how to resolve it?

    Thanks.

    Monday, December 2, 2019 9:58 AM

All replies

  • User-474980206 posted

    there is no iis 401 page. generally there is no content with a 401 status. the browser has a default it displays.

    Monday, December 2, 2019 3:08 PM
  • User753101303 posted

    Hi,

    Could it be that your code is not even reached? If using Windows authentication I should be done for you earlier. If seeing really some page in the browser, it might be a 401.2 error (authentication error because of a server side configuration issue).

    As I alluded earlier it's a bit hard to help without any context. For now it seems you absolutely want to send back a custom response whatever happens, the problem being perhaps here that the response is handled earlier.

    It might be easier to help if we can better grasp what you are trying to do. If it never worked, try maybe the simplest thing first and then be explicit about which enhancements you want or if this is an attempt to solve some issue, discuss directly your source issue (rather than a solution that you think might solve your problem and that maybe leads in a wrong direction ?)

    From your earlier post I suspect Windows authentication doesn't work out of the box for you and that you perhaps try to solve this without having first a good idea of why it doesn't work. Within its limit, Windows authentication is quite easy and basically just works out of the box (you have a web site and an api site that are both part of your intranet ?)

    Thursday, December 5, 2019 9:17 AM
  • User-211469903 posted

    there is no iis 401 page. generally there is no content with a 401 status. the browser has a default it displays.

    This is not true, there is a 401 page in IIS:

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
       <head>
          <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
          <title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
          <style type="text/css">
             <!--body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
    fieldset{padding:0 15px 10px 15px;} 
    h1{font-size:2.4em;margin:0;color:#FFF;}
    h2{font-size:1.7em;margin:0;color:#CC0000;} 
    h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
    #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
    background-color:#555555;}
    #content{margin:0 0 0 2%;;}
    .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;;}-->
          </style>
       </head>
       <body>
          <div id="header">
             <h1>Server Error</h1>
          </div>
          <div id="content">
             <div class="content-container">
                <fieldset>
                   <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
                   <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
                </fieldset>
             </div>
          </div>
       </body>
    </html>

    Monday, December 7, 2020 1:26 PM