1

I have an ASP.Net MVC4 intranet site that also has a Web API controller.

I have set Authentication = "Windows" in the web.config.

Is it possible to set the Web API only to allow Anonymous?

** Changes I've made to the WebApiConfig file per suggestions below.

 public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{controller}/{id}",
            defaults: new { id = RouteParameter.Optional }
        );      
    // Web API routes
        config.MapHttpAttributeRoutes();
        config.SuppressDefaultHostAuthentication();
        config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
    }
}
Improve this question
1

2 Answers 2

Reset to default
0

Sure, inside your WebApiConfig class you need to suppress the default host authentication for the web api only, you can do it as the code below:

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        // Web API routes
        config.MapHttpAttributeRoutes();
        config.SuppressDefaultHostAuthentication();
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

Is this a Web API 2.2 only feature?
Yup, it is Web API 2 feature not 1. I believe you are using Web API 1, didn't notice that your project is MVC4. :(
I've upgraded the project so that I can use API 2.
Perfect, hope this will solve your issue then, check it and if it worked do not forget it to mark it is as answer :)
Now it keeps prompting me to go to the login page when I go to the non-api home page via Mysite If I use Mysite/home/index it works ok.
|
0

In my project I have achived it with the code below. The project uses Forms Authentication for MVC and Basic Authentication for WebAPI. I use Thinktecture library to achive it.

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{controller}/{id}",
            defaults: new { id = RouteParameter.Optional }
        );

        var authConfig = new AuthenticationConfiguration();
        authConfig.AddBasicAuthentication((userName, password) => AuthenticationService.ValidateUser(userName, password));
        config.MessageHandlers.Add(new AuthenticationHandler(authConfig));

    }
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.