4

My ASP.NET MVC application is using Forms authentication with [System.Web.Mvc.Authorize] . I would like to use [System.Web.Http.Authorize] attribute to protect my Web API controller and because i'm calling it with HttpClient from my MVC controller I've have implemented a custom delegating handler like the one in the following post:

ASP.NET MVC 4 Web API Authentication with Membership Provider

When debugging i can see that the principal is set and the user has right roles but still I'm being redirected to the login page?

So basically when i log in and visit the WebAPI action with browser everything works (as would if i use AJAX from my views), but when i use HttpClient inside my controller (which i know is a new request with different context) with Basic authentication and set the principal i always get redirected.

I've tried so many solutions/workarounds and i'm always redirected to login page. Anyone has an idea.

Improve this question
1
  • So, when you have logged in, did you verify in the delegating handler that the login cookie is sent for each request. If so, it should authorize you Commented May 23, 2014 at 3:54

1 Answer 1

Reset to default
1

Here's an explanation:

System-web-http-authorize x System-web-mvc-authorize

Another interesting point is you use your custom authorization. I did it and it worked. Following example:

Customized authorization Mvc 4

Good Luck

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.