Juan Rodriguez

Reputation: 11

ServiceStack unauthorized exception after credential authentication is performed

I'm trying to get ServiceStack Credentials authentication to work, but when I attempt to consume a protected service decorated with [Authenticate] I get an unauthorized exception even after the authentication has been successful. What is being missed here?

AppHost looks like this:

    AuthFeature authFeature = new AuthFeature(() => new AuthUserSession(),
        new IAuthProvider[] {
            new BpeCredentialsAuthProvider(), // HTML Form post of UserName/Password credentials
        }) { HtmlRedirect = null };
    authFeature.ServiceRoutes[typeof(AuthService)] = new[] { "/auth" };
    authFeature.IncludeAssignRoleServices = false;
    Plugins.Add(authFeature);
    container.Register<ICacheClient>(new MemoryCacheClient());

I think I'm overriding TryAuthenticate correctly, and from Swagger everything works properly. The problem resides in the client call: after the authentication against myurl/auth/ succeeds, the next call to a different service fails with an unauthorized exception. Any ideas, please?

After more research: it looks like ss-id/ss-pid cookies need to be passed to the restricted resource to authenticate. How can I do that?

Upvotes: 1

Views: 567

Answers (2)

Juan Rodriguez

Reputation: 11

I found that not only the sessionId cookie needs to be passed to the subsequent requests but also the whole container (ss-id, ss-pid, ss-opt, X-UAId). I also couldn't access the cookie container from the ICacheClient; I had to manually set the cookies when the authentication takes place, then request all cookies for that container and add them to the new service call.

Upvotes: 0

mythz

Reputation: 143284

When authenticating via Ajax the cookies are automatically sent with subsequent requests.

Likewise with the C#/.NET Service Clients the cookies will be retained on the Authenticated Service Client when specifying RememberMe=true when authenticating the request, e.g:

    var client = new JsonServiceClient(baseUrl);

    var authResponse = client.Post(new Authenticate {
        provider = CredentialsAuthProvider.Name,
        UserName = "user",
        Password = "p@55word",
        RememberMe = true,
    });

You can then re-use the same instance for making authenticated requests:

    var response = client.Post(new Secure { ... });

You can also transfer the cookies to a new client by assigning the CookieContainer e.g:

    newClient.CookieContainer = client.CookieContainer;

Upvotes: 0
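The cookie behaviour both answers describe, shown end to end as an added example that is not part of the original posts and is not ServiceStack code: a stand-in `HttpListener` server issues an `ss-id` cookie on `/auth` and rejects `/secure` without it, and three clients show the effect of a shared, an empty and a transferred `CookieContainer`. The port, the paths, the class name and the session value are constructed assumptions.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;

// Stand-in server (assumption, not ServiceStack): /auth sets an ss-id cookie,
// any other path answers 401 unless the same ss-id value is sent back.
class SessionCookieDemo
{
    const string BaseUrl = "http://localhost:5055/";   // constructed local address
    const string SessionId = "constructed-session-id"; // constructed cookie value

    static async Task ServeAsync(HttpListener listener, int requests)
    {
        for (int i = 0; i < requests; i++)
        {
            HttpListenerContext ctx = await listener.GetContextAsync();
            if (ctx.Request.Url.AbsolutePath == "/auth")
                ctx.Response.Headers.Add("Set-Cookie", $"ss-id={SessionId}; Path=/; HttpOnly");
            else if (ctx.Request.Cookies["ss-id"]?.Value != SessionId)
                ctx.Response.StatusCode = 401;
            ctx.Response.Close();
        }
    }

    // Each client replays only the cookies held in the container it was given.
    static HttpClient NewClient(CookieContainer jar) =>
        new HttpClient(new HttpClientHandler { CookieContainer = jar }) { BaseAddress = new Uri(BaseUrl) };

    static async Task<int> Status(HttpClient client) =>
        (int)(await client.GetAsync("secure")).StatusCode;

    static async Task Main()
    {
        using var listener = new HttpListener();
        listener.Prefixes.Add(BaseUrl);
        listener.Start();
        Task server = ServeAsync(listener, 4);

        var jar = new CookieContainer();
        HttpClient authed = NewClient(jar);
        await authed.PostAsync("auth", null); // Set-Cookie lands in jar
        Console.WriteLine($"same client:      {await Status(authed)}");
        // A new client with an empty container has no ss-id to send.
        Console.WriteLine($"fresh client:     {await Status(NewClient(new CookieContainer()))}");
        // Sharing the container is what newClient.CookieContainer = client.CookieContainer does.
        Console.WriteLine($"shared container: {await Status(NewClient(jar))}");
        await server;
    }
}
```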
