none
WebAPI Controller throws "HTTP Error 401 Unauthorized" RRS feed

  • Question

  • Hi,

    I am building a dashboard with various charts using an approach very similar as the one described here, using WebAPI Controllers, JQuery, and ServerApplicationContext.

    The issue I'm having is that I'm getting HTTP Error 401 (Unauthorized) when calling the Web API bound to a drop down wich passes parameters as filters:

    contentItem.dataBind("screen.ScopeFilter", function (newValue) {

    if (newValue) {
                    contentItem.value = newValue;

    $.getJSON("../api/GAP/AnalisisDNS/" + contentItem.value, function (data) { //some js code here

    } });


    The funny thing is, despite the error, I can see the JSON data in the response, but the custom control does not render.

    It doesn't happen EVERY time, sometimes when the page first loads, sometimes after a filter is applied for the second time, with different parameter values:

    Any suggestions?


    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.



    Friday, September 26, 2014 11:39 PM

Answers

  • I fixed the issue removing the permission checking from the actions in Web API Controller.

    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.

    Friday, October 31, 2014 12:50 AM

All replies

  • HI Nicolás,

    Cleaning and rebuilding your current Project (Right-click > Clean, Right-click Rebuild respective) and see if that makes any difference at all. 

    In addition, you can use fiddler to catch some error message, it will be helpful to troubleshoot this issue.

    Please let me know if there is anything that I can do to help.

    Best regards,

    Angie


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, October 1, 2014 9:38 AM
  • I found that the error is thrown because fails to check a permission. However the permission is granted, and I don't know why the data is retrieved. It's ilogical.

    The code is as follows (some HttpGet action inside GAPController):

    public object AnalisisDNS(int rel)
    {
      ServerApplicationContext ctx;
      HttpResponseMessage fullResponse;
      using (ServerApplicationContextProvider.GetCurrentOrNewApplicationContext(out ctx))
      {
        //Check permission
        if (Application.Current.User.HasPermission(Permissions.ThePermission))
        {
           //Business logic that returns query result
           return query.Execute();
        }
        else
        {
           return fullResponse = Request.CreateResponse(HttpStatusCode.Unauthorized, "Access denied.");
        }
    }


    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.



    Wednesday, October 1, 2014 3:43 PM
  • I'll ask before this thread is burried in the forum: does anybody see something wrong with my code?

    Is it normal to check for user permission and get "isAnonymous = true" often times? (hence unauthorized, unauthenticated) (see screenshot below and code in my previous post)

    (BTW, the title of the post should now be "Application.Current.User returns isAnonymous = true" since that's the real issue. Nothing wrong with Web API)


    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.


    Wednesday, October 8, 2014 4:16 AM
  • Are you calling the Web API method from a "render" method on a control or the screen created method? I recommend the "render" method on a control.

    I would not check for permission. The security you put on each Entity will handle security. LightSwitch will only allow a person to see the data they are suppose to see.

     

    Unleash the Power - Get the LightSwitch 2013 HTML Client / SharePoint 2013 book

    http://LightSwitchHelpWebsite.com

    Wednesday, October 8, 2014 12:11 PM
  • Hi Michael, 

    I'm calling the Web API from a 'render' method on a custom control, not the screen created.

    The thing is there are screens with 4 to 10 custom controls calling Web API actions sometimes, and they don't always get the data.


    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.

    Wednesday, October 8, 2014 3:32 PM
  • I use WCF Services for most of my stuff because I find I can get data from many tables and return one or two entities.

    Unleash the Power - Get the LightSwitch 2013 HTML Client / SharePoint 2013 book

    http://LightSwitchHelpWebsite.com

    Wednesday, October 8, 2014 4:01 PM
  • I fixed the issue removing the permission checking from the actions in Web API Controller.

    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.

    Friday, October 31, 2014 12:50 AM