What is wrong with my Basic Authentication in my Browser?
Posted
by Pure.Krome
on Stack Overflow
See other posts from Stack Overflow
or by Pure.Krome
Published on 2010-03-26T14:49:32Z
Indexed on
2010/03/28
4:23 UTC
Read the original article
Hit count: 393
Hi folks,
i'm trying to goto the following url :-
nothing to complex. Notice how i've got the username/password in the url? this, i believe, is for basic authentication.
When I do that, the Request Headers are MISSING the 'Authorize' header. Er... that's not right :(
I have anonymous authentication only setup on the site. I don't want to have anon off and basic turned on .. because not all of the site requires basic.. only a few action methods.
So .. why is this not working? Is this something to do with the fact my code is not sending a 401 challenge or some crap?
For What It's Worth, my site is ASP.NET MVC1 running on IIS7 (and the same thing happens when i run it on cassini).
Update:
If this is an illegal way of calling a resource using basic auth (ala security flaw) .. then is this possible to do, for an ASP.NET MVC website .. per action method (and not the entire site, per say)?
© Stack Overflow or respective owner