http-status-code-401 | 易学教程

When using an API route, return Http Response 401 instead of redirect to login page when not authorised

阅读更多关于 When using an API route, return Http Response 401 instead of redirect to login page when not authorised

问题 I'm building an ASP.NET Core 2.0 website using MVC and WebAPI to provide access to a series of microservices. Where a WebAPI controller requires a user to be authenticated and authorised (using the Authorize attribute), any unauthorised or not-logged in user gets the response back as the entire HTML for the MVC login page. When unauthorised users access the API, I would like to return the HTTP status code 401 and its associated error message in the response, instead of an entire HTML page. I

MVC + Ajax call to Controller Loses Authentication

阅读更多关于 MVC + Ajax call to Controller Loses Authentication

问题 I've seen similar issues in some posts but none of the answers have helped yet. My MVC app has a few AJAX/JSON response methods in one controller, and the calls get to destination but it doesn't work in IE or Chrome, and in mozilla it does, but Firebug returns a very strange set of 3 attempts (all return 401 error) but the last one does actually work! My App has windows authentication, how can I extend this to my Ajax methods? the rest of the app works fine. I've tried bypassing the 401 by

passport.js - Access fail message after 401 error

阅读更多关于 passport.js - Access fail message after 401 error

问题 Currently I can access messages set in done(null, user, {message: 'ok'}) inside post request via req.authInfo like this: app.post('/reg', passport.authenticate('local-reg', { session: false }), function (req, res) { console.log(req.authInfo.message); --> 'ok' }); Which is very useful. But how can i access message like this done(null, false, {message: 'username taken'}) in the same fashion, as it seems that passing done(null, false) in passport.authenticate makes it throw 401 unathorised,

PHP Digest auth, logout

阅读更多关于 PHP Digest auth, logout

问题 Is there a way to logout of a digest authentication done in php. I have tried unset($_SERVER["PHP_AUTH_DIGEST"]); But it wont ask to relogin. I know if i close the browser then it will work and here are my functions. function login(){ $realm = "Restricted area"; $users = array("jamesm"=>""); if (empty($_SERVER["PHP_AUTH_DIGEST"])) { header("HTTP/1.1 401 Unauthorized"); header("WWW-Authenticate: Digest realm=\"{$realm}\",qop=\"auth\",nonce=\"".uniqid()."\",opaque=\"".md5($realm)."\""); return

Angular5 http reponse interceptor unable to read status code

阅读更多关于 Angular5 http reponse interceptor unable to read status code

I am trying to intercept http responses and redirect any 401's but the err object below is only returning me the following string. I was expecting to at least find the status code.. 401 - Unauthorized Details: Http failure response for http://localhost:4200/api/foo : 401 Unauthorized I can see in the network tab that a well formed 401 is being returned by the server. Any ideas on how I can read them correctly? intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> { const authRequest = request.clone({ setHeaders: { Authorization: `Bearer ${this.authService.getToken

Catch 401 error in Rails with Devise when user has multiple windows open

阅读更多关于 Catch 401 error in Rails with Devise when user has multiple windows open

问题 Scenario is this: User has 2 windows on which s/he is logged in. S/he logs out of one, stays logged in on the other, and then on the latter, triggers some action, say a form submission. Initially, what happened is that it threw a invalid authenticity token error. I've updated the protect_from_forgery in ApplicationController to be with: :null_session so that instead of the Exception it throws a 401. Great! Now for step 2, rather than the user just seeing a line of text saying You need to sign

HTTP/1.1 401 Authorization Required with HttpClient 4.1.1

阅读更多关于 HTTP/1.1 401 Authorization Required with HttpClient 4.1.1

问题 Updated Code:- Using SSL, still am getting the same error.. I am trying to open this uri https://some-host/a/getmeta?id=10 (this url is passed to proxi.jsp page) And this is my proxi.jsp page, And I am getting this error HTTP/1.1 401 Authorization Required and when I am passing my credentials too. Why is it happening so.. And that site use siteminder. <%@ page language="java" import=" org.apache.http.HttpEntity, org.apache.http.HttpResponse, org.apache.http.auth.AuthScope, org.apache.http

IOSLinkedInAPI: Can't share post with the LinkedIn API

阅读更多关于 IOSLinkedInAPI: Can't share post with the LinkedIn API

问题 I have been using following SDK to perform integration of LinkedIn into iOS and sharing post from iDevices. SDK is available here: https://github.com/jeyben/IOSLinkedInAPI In this code I can't find proper example code but however I had written some code through which post can be shared. Here is my code: In the code I have only single viewcontroller in which I have taken only two buttons, 1) Linked In Account [This button is used to present login controller and gets user successfully logged

How do I connect to router “panel” using C#

阅读更多关于 How do I connect to router “panel” using C#

I'm trying to connect to my router "panel" (192.168.1.1) using a simple C# HTTP Web Request: var userName = "admin"; var passWord = "admin"; var encoding = new ASCIIEncoding(); var postData = "" + userName; postData += (":" + passWord); //I saw (using Wireshark) that the HTTP packet is sending the username & password in this form: "username:password" byte[] data = encoding.GetBytes(postData); var myRequest = (HttpWebRequest)WebRequest.Create("http://192.168.1.1"); myRequest.Method = "POST"; **//Or should I use GET?** myRequest.ContentType = "application/x-www-form-urlencoded"; myRequest

Oracle ADF Secured App Gives HTTP 401 Error

阅读更多关于 Oracle ADF Secured App Gives HTTP 401 Error

I am new to Oracle ADF Framework. I develop on JDeveloper 11g R2 with Weblogic 10.3.5.0. I developed an project like described in a Firebox training video on Youtube . You can download my project from here The video was about creating a custome login page. You have to create login,error anad the target pages. When you try to open target page login page comes then you enter your credentials. After success yoou should be directed to the target page. I used a backing bean to process credentials but instead of redirected to target page the response page gives: Error 401--Unauthorized From RFC 2068