http-status-code-401

I'm building an ASP.NET Core 2.0 website using MVC and WebAPI to provide access to a series of microservices. Where a WebAPI controller requires a user to be authenticated and authorised (using the Authorize attribute), any unauthorised or not-logged in user gets the response back as the entire HTML for the MVC login page. When unauthorised users access the API, I would like to return the HTTP status code 401 and its associated error message in the response, instead of an entire HTML page. I've looked at a few existing questions and noticed that they either refer to ASP.NET MVC (such as

I'm creating an application with phonegap on windows phone 7, that need an authentification on a server. When we log with the correct username and password, we got a 200 status. And everything works. But if we make a mistake on the login or the password, the server send us back a 401 error. This freeze my application. I need to kill it and restart it. So not very practice. I check the response with fiddler on my computer and the phone receive the 401 error, and I manage this error on my code. this works on my other platform (android and ios). So I would like to know how I can manage this error

I've seen similar issues in some posts but none of the answers have helped yet. My MVC app has a few AJAX/JSON response methods in one controller, and the calls get to destination but it doesn't work in IE or Chrome, and in mozilla it does, but Firebug returns a very strange set of 3 attempts (all return 401 error) but the last one does actually work! My App has windows authentication, how can I extend this to my Ajax methods? the rest of the app works fine. I've tried bypassing the 401 by returning 200 Status from Global.asax (Application_EndRequest) but continues to do the same. Basically

Currently I can access messages set in done(null, user, {message: 'ok'}) inside post request via req.authInfo like this: app.post('/reg', passport.authenticate('local-reg', { session: false }), function (req, res) { console.log(req.authInfo.message); --> 'ok' }); Which is very useful. But how can i access message like this done(null, false, {message: 'username taken'}) in the same fashion, as it seems that passing done(null, false) in passport.authenticate makes it throw 401 unathorised, therefore not forwarding to the route handler itself. Maybe i misunderstood something? P.S.: I'm posting

Is there a way to logout of a digest authentication done in php. I have tried unset($_SERVER["PHP_AUTH_DIGEST"]); But it wont ask to relogin. I know if i close the browser then it will work and here are my functions. function login(){ $realm = "Restricted area"; $users = array("jamesm"=>""); if (empty($_SERVER["PHP_AUTH_DIGEST"])) { header("HTTP/1.1 401 Unauthorized"); header("WWW-Authenticate: Digest realm=\"{$realm}\",qop=\"auth\",nonce=\"".uniqid()."\",opaque=\"".md5($realm)."\""); return false; } if (!($data = http_digest_parse($_SERVER["PHP_AUTH_DIGEST"])) || !isset($users[$data["username

I have a .NET 2.0 website (VB) running in my IIS6 (XP Pro SP2) and a .NET 3.5 (configured as .NET2 under IIS's ASP.NET tab, of course) hosting an ASMX web service. In Chrome, I can call the ASMX and invoke the web methods successfully. However, in calling the web methods in code, from the .NET 2.0 website I get: The request failed with HTTP status 401: Unauthorized. How do I get around this? btlog You need to set the credentials in you application when you initialise the webService object. Something like webService.UseDefaultCredentials = true This will set the credentials of the request to

Scenario is this: User has 2 windows on which s/he is logged in. S/he logs out of one, stays logged in on the other, and then on the latter, triggers some action, say a form submission. Initially, what happened is that it threw a invalid authenticity token error. I've updated the protect_from_forgery in ApplicationController to be with: :null_session so that instead of the Exception it throws a 401. Great! Now for step 2, rather than the user just seeing a line of text saying You need to sign in or sign up before continuing. , I'd like to redirect him/her back to the sign in page. This is