7 jun
2017

C# - Error Basic Authentication WebServices REST y metodo POST

Actualmente estoy trabajando con NetFramework 4.0 y también asignando autorización básica y debo usar la siguiente Dll System.Web.Http.Cors pero no la ubico ni en el administrador de Paquetes del Visual Studio 2012.

La clase que autentifica es la siguiente:

using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Net.Http.Headers;
using System.Security.Principal;
using System.Text;
using System.Threading;
using System.Web;
using System.Configuration;

namespace WebAPISample.Modules
{
    public class BasicAuthHttpModule : IHttpModule
    {
        private const string Realm = "sample.local";

        public void Init(HttpApplication context)
        {
            // Register event handlers
            context.AuthenticateRequest += OnApplicationAuthenticateRequest;
            context.EndRequest += OnApplicationEndRequest;
        }

        private static void SetPrincipal(IPrincipal principal)
        {
            Thread.CurrentPrincipal = principal;
            if (HttpContext.Current != null)
            {
                HttpContext.Current.User = principal;
            }
        }

        // TODO: Here is where you would validate the username and password.
        private static bool CheckPassword(string username, string password)
        {
            bool validUser = false;

            // put your database or authentication calls here

            validUser = username == "test" && password == "test";

            return validUser;
        }

        private static bool AuthenticateUser(string credentials)
        {
            bool validated = false;
            try
            {
                var encoding = Encoding.GetEncoding("iso-8859-1");
                credentials = encoding.GetString(Convert.FromBase64String(credentials));

                int separator = credentials.IndexOf(':');
                string name = credentials.Substring(0, separator);
                string password = credentials.Substring(separator + 1);

                validated = CheckPassword(name, password);
                if (validated)
                {
                    var identity = new GenericIdentity(name);
                    SetPrincipal(new GenericPrincipal(identity, null));
                }
            }
            catch (FormatException)
            {
                // Credentials were not formatted correctly.
                validated = false;

            }
            return validated;
        }

        private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
        {
            var request = HttpContext.Current.Request;
            var authHeader = request.Headers["Authorization"];
            if (authHeader != null)
            {
                var authHeaderVal = AuthenticationHeaderValue.Parse(authHeader);

                // RFC 2617 sec 1.2, "scheme" name is case-insensitive
                if (authHeaderVal.Scheme.Equals("basic",
                        StringComparison.OrdinalIgnoreCase) &&
                    authHeaderVal.Parameter != null)
                {
                    AuthenticateUser(authHeaderVal.Parameter);
                }
            }
        }

        // If the request was unauthorized, add the WWW-Authenticate header 
        // to the response.
        private static void OnApplicationEndRequest(object sender, EventArgs e)
        {
            var response = HttpContext.Current.Response;

            // see if the request sent an X-Requested-With header (Non-Browser request - 
            // used by jQuery and Angular implementations to prevent the browser from 
            // presenting the default Login dialog)
            var request = HttpContext.Current.Request;

            string authType = "Basic";

            if (response.StatusCode == 401)
            {
                if (request.Headers.AllKeys.Contains("X-Requested-With"))
                {
                    if (request.Headers["X-Requested-With"] == "XMLHttpRequest")
                    {
                        authType = "xBasic";
                    }
                }

                response.Headers.Add("WWW-Authenticate",
                    string.Format("{0} realm=\"{1}\"", authType, Realm));
            }
        }

        public void Dispose()
        {
        }
    }
}

Mi configuración en web.config es:

<system.webServer>
    <modules>
      <add name="BasicAuthHttpModule" type="WebAPISample.Modules.BasicAuthHttpModule, WebAPISample"/>
    </modules>
  </system.webServer>

Finalmente llamó desde desde otra capa con la siguiente con el siguiente código:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Net.Http;
using System.Web.Http;
//using System.Web.Http.Cors;

namespace AppWS
{
    [Authorize]
    //[EnableCors(origins: "*", headers: "*", methods: "*")]
    public class myService:IServicio
    {
        public EPlaca ListarVehicles(string sUsuario)
        {
            oService = new mHost.ServicioClient("Binding_IServicio");
            var rpta = oService.ListarVehicles(sUsuario);
            oService.Close();
            return rpta;
        }  
    }
}

Que puedo hacer para solucionar este error que solo funciona para método GET Y no con POST que es mi caso?

COMENTARIOS

DEJA TU COMENTARIO

© 2017 website by Rubit Corporation