I am protecting WebAPI using forms Authentication, that is using Breezecontroller
When i try to call WebAPi method i am getting back the following error.
status:404
statusText: “Not Found”
message:”MetaData query failed for:”;, No Http resource was found tha matches…
My question is why am i not getting back “UnAuthorized error(401)” ?
metadata is decorated with [Authorize] as well.
Seems like FormsAuthentication’s redirect is giving problem.
It is redirecting to Login(has AllowAnonymous) WebApi method and reports it cannot find, eventhough i have. Also i am applying the Authrozie to the methods instead of controller. the exact error is
{"$id":"1","$type":"System.Web.Http.HttpError,System.Web.Http","Message":"NoHTTPresourcewasfoundthatmatchestherequestURI'http://localhost:40678/api/Country/Login?ReturnUrl=/api/Country/Metadata'.","MessageDetail":"Noactionwasfoundonthecontroller'Country'thatmatchestherequest."}
Just tried and working fine. I’m betting you have a mistake in your URL.
Here is the prelim to my controller:
[Authorize] [BreezeController] public class BreezeTodoController : ApiController { private readonly BreezeTodoContext _context; public BreezeTodoController() { _context = new BreezeTodoContext(User); } [HttpGet] public string Metadata() { return _context.Metadata(); } // ... moreI hit it with this URL
And I get back the 401
But if I make a mistake in the URL (see ‘x’ after breezetodo)
Same thing if my action name doesn’t match (see ‘x’ after metadata):
In other words, HTTP can’t report that a resource is unauthorized if it can’t find that resource in the first place.