dcsimg
www.webdeveloper.com
Results 1 to 2 of 2

Thread: XMLHttpRequest - basic authentication donīt work

  1. #1
    Join Date
    Apr 2017
    Posts
    2

    XMLHttpRequest - basic authentication donīt work

    Hello together,

    I am trying to consume a json service, which is running on my IIS Server 7.
    Everything works until I activate the baisc authentication in IIS.
    I am new in the web developtment and I spent much time in this issue and read a lot about CORS, but I canīt solve the problem.

    This is my request and the response.

    XMLHttpRequest

    var xhr = new XMLHttpRequest();
    xhr.open('GET', url, true);
    xhr.withCredentials = true;
    xhr.onreadystatechange = handler;
    xhr.setRequestHeader("Authorization", "Basic " + btoa(username + ":" + password));
    xhr.send();

    General

    Request URL:https://93.233.11.172:8080/api/person/1
    Request Method:OPTIONS
    Status Code:401
    Remote Address:93.233.11.172:8080


    Response Headers

    access-control-allow-credentials:true
    access-control-allow-headers:Authorization
    access-control-allow-methods:GET, POST, OPTIONS
    access-control-allow-origin:https://webidetesting8884705-s000820...l.ondemand.com
    access-control-max-age:86400
    content-length:1344
    content-type:text/html
    date:Fri, 21 Apr 2017 13:57:25 GMT
    server:Microsoft-IIS/10.0
    status:401
    www-authenticate:Basic realm="93.233.11.172"
    x-powered-by:ASP.NET


    Request Headers
    :authority:93.233.11.172:8080
    :method:OPTIONS
    ath:/api/person/1
    :scheme:https
    accept:*/*
    accept-encoding:gzip, deflate, sdch, br
    accept-language:de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
    access-control-request-headers:authorization
    access-control-request-method:GET
    origin:https://webidetesting8884705-s000820...l.ondemand.com
    referer:https://webidetesting8884705-s000820...entPreload=off
    user-agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36


    And the error message
    OPTIONS https://93.233.11.172:8080/api/person/1 401 ()
    XMLHttpRequest cannot load https://93.233.11.172:8080/api/person/1. Response for preflight has invalid HTTP status code 401


    If I exclude the line "xhr.setRequestHeader("......)", a prompt appears and after entering user and password everything works.
    I hope you have any ideas.

  2. #2
    Join Date
    Apr 2017
    Posts
    2
    After many many hours I solved it by myself.

    I needed to enhance the web.config file to allow OPTIONS requests:

    <system.web>
    <authentication mode="Windows" />
    <authorization>
    <allow verbs="OPTIONS" users="*"/>
    <deny users="?" />
    </authorization>
    </system.web>

    And in the IIS Server I activated both "anonymous authentication" and "basic authentication".

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles