
401 Response from API instead of redirect #2312


rebit created

Hi.

I'm trying to expose an application service method to a 3rd party that determines whether the user should be authorised to access the method inside of the method. If authorisation is required, I want to return a 401 HTTP code.

What I've done is to throw an AbpAuthorizationException when authorisation is required, but this redirects the request to the application login page with a 302 response code. I want to return a 401 response to allow the 3rd party to authenticate the user.

How can I accomplish this?


9 Answer(s)
  • ismcagdas created
    Support Team

    Hi,

    The response status should be 401 if authorization fails. Can you run a test with Postman (a Google Chrome extension), as in the screenshot below?

  • rebit created

    I've made the request, but it returns with a 200 OK code and the body of the response is the login page HTML.

    It must be noted that this is not an ABP Core project and that it was upgraded from ABP 0.8 to 0.11 previously and then upgraded to 1.2.2 yesterday.

  • ismcagdas created
    Support Team

    Hi,

    Did you make the request with Postman? If so, can you share the code of your request? You can see it when you click the orange code link, which you can see in my previous screenshot.

  • rebit created

    See below:

    POST /api/services/app/role/GetRoles HTTP/1.1
    Host: jacques_local.vampant.loopback.dev.antfarm.co.za
    Cache-Control: no-cache
    Postman-Token: 8bb436d1-2649-ce3c-d531-3e8d91a91b31

    {}

  • ismcagdas created
    Support Team

    Hi,

    Can you check the ABP version you are using?

  • rebit created

    ABP version is 1.2.2.0

  • ismcagdas created
    Support Team

    Can you send your project to [email protected], so we can find the problem faster, if this is not a problem for you?

    Thanks.

  • rebit created

    I have finally managed to solve the issue.

    It looks like I did not upgrade the WebAPI project correctly.

    The line below was missing from my WebApi Module's Initialize() method:

    Configuration.Modules.AbpWebApi().HttpConfiguration.Filters.Add(new HostAuthenticationFilter("Bearer"));
    

    Once added, the 401 response code is returned.
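
A regression check for the behaviour this thread resolves, as an added example that is not part of the original posts or of ABP: it classifies the response to an unauthenticated call as the 401 the third party needs, the 302 login redirect, or the 200 login-page HTML that a redirect-following client ends up with. The function names, verdict strings and sample responses are constructed for illustration.

```python
import http.client
from urllib.parse import urlsplit

def classify(status, headers, body=""):
    """Classify the response to an unauthenticated API call."""
    h = {k.lower(): v for k, v in headers.items()}
    if status == 401:
        return "401-unauthorized"            # what an API client can act on
    if status in (301, 302, 303, 307, 308):
        return "redirect:" + h.get("location", "?")  # browser-style login redirect
    looks_html = ("text/html" in h.get("content-type", "").lower()
                  or body.lstrip().lower().startswith(("<!doctype", "<html")))
    if status == 200 and looks_html:
        return "html-200"                    # login page served as a "success"
    return "other:%d" % status

def probe(url, timeout=5):
    """POST '{}' with no credentials; http.client never follows redirects."""
    u = urlsplit(url)
    conn_cls = (http.client.HTTPSConnection if u.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(u.netloc, timeout=timeout)
    try:
        conn.request("POST", u.path or "/", body="{}",
                     headers={"Content-Type": "application/json"})
        resp = conn.getresponse()
        body = resp.read(4096).decode("utf-8", "replace")
        return classify(resp.status, dict(resp.getheaders()), body)
    finally:
        conn.close()

# Constructed sample responses (not captured from the thread's server).
SAMPLES = [
    (302, {"Location": "/login-placeholder"}, ""),
    (200, {"Content-Type": "text/html; charset=utf-8"}, "<!DOCTYPE html><html>...</html>"),
    (401, {"Content-Type": "application/json"}, "{}"),
]

if __name__ == "__main__":
    for status, headers, body in SAMPLES:
        print(status, "->", classify(status, headers, body))
```

Calling `probe()` against each service URL after an upgrade and failing the build on anything other than `401-unauthorized` catches a dropped authentication filter before an API client does.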

  • ismcagdas created
    Support Team

    Great news :)