Reputation: 341
Why is my web service returning error 401 when using Windows Authentication?
I'm setting up a web service that is only supposed to work for users in a certain Active Directory. Unfortunately I'm encountering error 401 - Unauthorized.
Things I've tried:
I initially tried configuring IIS and the web.config file to grant access to the users in the Active Directory but I couldn't get this to work.
Next I decided to take a step back and configure IIS and the web.config file to grant access to all users. This too, surprisingly, does not work.
What happens when I call the web service:
When I call the web service I immediately get the error message "401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied." I didn't get a pop up asking for any credentials, so let me know if that's an issue.
Relevant Settings in IIS:
- Anonymous Authentication is Disabled
- Windows Authentication is Enabled
- Authorization Rules is set up to Allow All Users
--
Here are the relevant lines of code in my web.config file:
<system.webServer>
...
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
You can see from the code that I allow access to all users (users="*"), but this is still giving me the 401 error.
Thank you for your help.
Upvotes: 1
Views: 3628
Answers (1)
Reputation: 41008
How are you calling the web service?
A 401 is actually the normal first step for Windows Authentication. The whole authentication flow is described here: Windows Authentication HTTP Request Flow in IIS.
In short, it responds with a 401 and tells you that it accepts Windows authentication. Then the client (usually a browser) resends the request with the proper authentication. A browser will do this for you.
Since you mention this is a web service, I assume you're handling the request yourself. So the answer about how to solve this depends on how you are making the call to your web service. But there is usually a way to specifically tell it to send Windows credentials (either on the first try, or automatically after the 401 challenge).
Upvotes: 1
Related Questions
- SOAP web service call with NTLM auth not working C#
- Authenticate a Windows Service to a iis web service with "Windows Authentication"
- Web Service with Windows Authentication with Soap Client
- Webservice does not seem to be doing any authentication despite config in IIS7.5
- Enable anonymous authentication to a web service
- ASP.net web app calling asp.net web service returning error code 401 even with System.Net.CredentialCache.DefaultCredentials
- HTTP 401.3 - Access denied on Windows Authentication
- 401 Unauthorized when contacting ASP.NET web service from ASP.NET web application
- Consuming Web Service via Windows Authentication
- C# REST webservice authentication problem