locked
StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers RRS feed

  • Question

  • User1415789316 posted

    I am using ASP.NET MVC4 and calling a method within a controller from one MVC4 project to another, using PostAsync.  I am not using any authentication attribute within the called controller or method.

    Referencing this link: [link][1]   [1]: https://stackoverflow.com/questions/16573145/asp-net-mvc-4-401-access-deniedhttp://

    Fixed my issue when running application locally and calling PostAsync to application on server. Now, when I deploy the application to the server and try to call the other application I get the unauthorized error. What am I doing wrong?

    Both application running in IIS are using the same site, and the same application pool.

    Using remote debugging, this is the server response:

        {StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:     {       Cache-Control: private       Server: Microsoft-IIS/7.0       WWW-Authenticate: Negotiate       WWW-Authenticate: NTLM       X-Powered-By: ASP.NET       Date: Fri, 23 Jun 2017 13:44:19 GMT       Content-Length: 6644       Content-Type: text/html; charset=utf-8     }}

    And this is my code:

    using (var handler = new HttpClientHandler { UseDefaultCredentials = true })             
    using (HttpClient client = new HttpClient(handler) { BaseAddress = new Uri(Properties.Settings.Default.EnvironmentRootPath)})             
    {                 
      List<string> orderNumbers = NumList;                
       var pairs = new List<KeyValuePair<string, string>>                 
       {                     
         new KeyValuePair<string, string>("orderNumbers", string.Join(",", orderNumbers))                 };
         var content = new FormUrlEncodedContent(pairs);
         var response = client.PostAsync("CentralBroadcast/broadcastNewOrder", content).Result;                 
    
    if (response.IsSuccessStatusCode)                 
    {                     //                 
    }                 
    else                 
    {                     //                 
    }             
    
    

    Application Pool is using Network for Identity.

    Monday, June 26, 2017 1:38 PM

All replies

  • User991499041 posted

    Hi eaglei22,

    {StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:     {       Cache-Control: private       Server: Microsoft-IIS/7.0       WWW-Authenticate: Negotiate       WWW-Authenticate: NTLM       X-Powered-By: ASP.NET       Date: Fri, 23 Jun 2017 13:44:19 GMT       Content-Length: 6644       Content-Type: text/html; charset=utf-8     }}

    When IIS cannot authenticate a request, it returns a 401.x-Unauthorized code. The substatus codes provide detailed information about why the request failed.

    IIS 7.0, IIS 7.5, and IIS 8.0 define several HTTP status codes that indicate a more specific cause of a 401 error. The following specific HTTP status codes are displayed in the client browser but are not displayed in the IIS log:
    401.1 - Logon failed.
    401.2 - Logon failed due to server configuration.
    401.3 - Unauthorized due to ACL on resource.
    401.4 - Authorization failed by filter.
    401.5 - Authorization failed by ISAPI/CGI application.

    By default, IIS 7.0, IIS 7.5, and IIS 8.0 put log files in the following folder:

    inetpub\logs\Logfiles

    Could you show substatus codes in logfile?

    Regards,

    zxj

    Tuesday, June 27, 2017 2:50 AM
  • User1415789316 posted

    Sorry for the delayed response. I went on vacation for a week.

    I looked at the server logs, and for the PostAsync path, I see the following:

    POST /Development/Dd/SignalRBroadcast/broadcastNewOrder -  -  - 401 2
    POST /Development/Dd/SignalRBroadcast/broadcastNewOrder -  -  - 401 1

    There are some numbers after the 2 and 1, but I removed those for security as I am not sure what they represent.

    Wednesday, July 5, 2017 1:03 PM