I am trying to setup basic auth on my mvc.net web application. I configured my controller using this example: asp mvc 3 ActionFilter for basic authentication
I set a breakpoint where it checks for the Authorization Header, however the header is not present in the HttpRequest. I am accessing the site like this:
http://user1:pass1@localhost/{AppName}/Client/Authorize
If I remove the [BasicAuthorization] attribute from my controller, I am able to access the page.
I am debugging this using IIS 7.0 on a Windows 7 machine.
I think it might have something to do with default authorization settings in IIS. When I throw a HttpUnauthorizedResult() exception, a username/password box pops up in Chrome... I'm not sure how to tell IIS to use my custom code to authenticate the user.
This application won't be accessible by a human user, so the username/password needs to be passed in in the URL like shown above.
I had also found this post: No browser is sending Authorization info in header. I tried sending the request twice after IIS sends the UnauthorizedRequest to the browser, but that's when the username/password dialog pops up. I'm also not sure how to test using that Curl command... Is that through CMD?
