ASP.NET Calling WebMethod with jQuery AJAX "401 (Unauthorized)"

Asked 12/4, 2014 at 17:14 Answered 20/4, 2020 at 1:43

Been stuck with this for hours

{"Message":"Authentication failed.","StackTrace":null,"ExceptionType":"System.InvalidOperationException"}

I'm trying to call this WebMethod in my ASP.Net Webform

[WebMethod]
public static string GetClients(string searchTerm, int pageIndex)
{
    string query = "[GetClients_Pager]";
    SqlCommand cmd = new SqlCommand(query);
    cmd.CommandType = CommandType.StoredProcedure;
    cmd.Parameters.AddWithValue("@SearchTerm", searchTerm);
    cmd.Parameters.AddWithValue("@PageIndex", pageIndex);
    cmd.Parameters.AddWithValue("@PageSize", PageSize);
    cmd.Parameters.Add("@RecordCount", SqlDbType.Int, 4).Direction = ParameterDirection.Output;
    return GetData(cmd, pageIndex).GetXml();
}

From this jquery.ajax

function GetClients(pageIndex) {
    $.ajax({
        type: "POST",
        url: "ConsultaPedidos.aspx/GetClients",
        data: '{searchTerm: "' + SearchTerm() + '", pageIndex: ' + pageIndex + '}',
        contentType: "application/json; charset=utf-8",
        dataType: "json",
        success: OnSuccess,
        failure: function (response) {
            alert(response.d);
            },
            error: function (response) {
                alert(response.d);
            }
    });
}

But I always get this error:

POST http://localhost:64365/ConsultaPedidos.aspx/GetClients 401 (Unauthorized)

Weird thing is that this used to work until I start authenticating users

<system.web>
...
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="2880" defaultUrl="/Dashboard" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>
...
</system.web>

Any ideas?

Fenestra answered 12/4, 2014 at 17:14 Comment(0)

206

Problem solved

This was driving me crazy.

Inside ~/App_Start/RouteConfig.cs change:

settings.AutoRedirectMode = RedirectMode.Permanent;

To:

settings.AutoRedirectMode = RedirectMode.Off;

(Or just comment the line)

Also if friendly URLs are enabled you need to change

url: "ConsultaPedidos.aspx/GetClients",

To:

url: '<%= ResolveUrl("ConsultaPedidos.aspx/GetClients") %>',

Hope this help somebody else

Fenestra answered 13/4, 2014 at 0:27 Comment(5)

I wanted to thank you for this answer, this solved the issue for me. I've seen people asking about this problem on several sites, but you were the only one that offered a solution. – Beseech 16/5, 2014 at 6:6

I just have the same issue! but I use Asp.net web project, i have no ~/App_Start/RouteConfig.cs.... how can I solve it.. – Pessa 29/12, 2016 at 9:17

How to fix this error in asp.net 3.5 web form project ? It doesn't have any routeconfig.cs file. – Floribunda 25/7, 2018 at 9:3

I've found so many guides that recommend changing settings like web.config, etc, but this is the only solution that worked. It's quite surprising that this functionality doesn't work out of the box. – Allude 31/10, 2019 at 21:1

Using an out of the box C# ASP.NET Webforms project, friendly URLs were enabled. Note that changing AutoRedirectMode to AutoRedirectMode.Off was all I needed to do. Much thanks. – Maressa 4/2, 2020 at 19:7

Inside ~/App_Start/RouteConfig.cs change

settings.AutoRedirectMode = RedirectMode.Permanent;

settings.AutoRedirectMode = RedirectMode.Off;

Smallscale answered 27/11, 2014 at 12:39 Comment(2)

this is the second time this got me. – Horror 17/5, 2017 at 16:24

Can you explain why we need to do this? – Defraud 17/7, 2017 at 13:40

401 Unauthorised means that:

User authentication hasn't been provided or
It was provided but failed authentication tests

This corroborates with what you've said about adding authentication, it's clearly covering this method too.

Therefore do you want access to this method to be public or not?

Public:

You need to remove authentication from this method.

To allow access to public resources (such as this webmethod) you simply place this in the config file in the same directory:

 <authorization>
        <allow users="*" /> 
 </authorization>

if you put above tag then it will give access right to all kind of users to all resources. so instead of that you can add below tag to give authorization to the web service

<location path="YourWebServiceName.asmx">
<system.web>
  <authorization>
    <allow users="*"/>
  </authorization>
</system.web>

Private:

You need to ensure authentication is being sent across the line (using Fiddler to check for the cookie), and ensure it's is passing asp.net authentication.

Stegall answered 12/4, 2014 at 17:23 Comment(2)

Thanks for the answer. I've already tried <allow users="*"> but I get the same response, also when checking the cookie on Fiddler it says this: This response did not set any cookies. – Fenestra 12/4, 2014 at 17:40

This looks like the culprit, without any cookies any authentication will fail - so figure out how to remove authentication from the method. – Stegall 12/4, 2014 at 17:43

You have to comment out only in ~/App_Start/RouteConfig.cs

  // settings.AutoRedirectMode = RedirectMode.Permanent;

             (Or do this)

    settings.AutoRedirectMode = RedirectMode.Off;

There is nothing to do with Authentication in Web.config file.

Enthetic answered 27/9, 2019 at 17:33 Comment(1)

In my case I had friendly URL settings in routing config which by default set with AutoRedirectMode to permanent, service method hitting after turning it off. Thank you. – Untwine 3/12, 2019 at 1:21

I found this question trying to solve the same problem, the way I solved is not seen here so I post to someone stuck in the same bottleneck:

Try in your method use the EnableSession = true in your WebMethod attribute

[WebMethod(EnableSession = true)]
public static string MyMethod()
{
    return "no me rindo hdp";
}

with this is solved my 401 error. Hope be helpful.

Dympha answered 26/1, 2017 at 21:2 Comment(0)

In my case, I was adding the WebMethod to a control on the form. It needs to be added to the page itself.

Selemas answered 3/7, 2018 at 1:13 Comment(0)

For me, I had an invalid "data:" parameter in my JQuery Ajax call. But rather than either .NET or JQuery complaining about the the parameter values, I was (misleadingly in my opinion) getting the 401 Unauthorized error.

Markle answered 20/4, 2020 at 1:43 Comment(0)

Not an expert but have you tried by putting <allow users="*"/> in the config file? Your request should be using a GET method and not a POST (used to create).

EDIT: It seems that you are using a SOAP method, which can't be called from clientside, you should use a RESFUL service.

Cooperstein answered 12/4, 2014 at 17:19 Comment(3)

Ys, I already tried that. Tried to put everything like it was before starting authenticating but I get the same response. – Fenestra 12/4, 2014 at 17:25

I think that your webmethod only can be invoked from server-side, but not sure. – Cooperstein 12/4, 2014 at 17:37

@Hatsjoem: not really. It can be invoked from client side. Its some authentication problem. +1 for effort anyway – Cohby 12/4, 2014 at 17:40

I faced the same problem and firstly tried the solution which is available and it does work. However I realised if I create a new web-service and add the relevent code in the App_Code folder of the web-service file then I don't get any errors.

Madi answered 7/8, 2015 at 13:53 Comment(2)

can you be a bit more specific? I too tried these things but the error just changed, it enters the Error event with: Status: error Error: Internal Server Error, no details. thanks – Margalo 7/8, 2015 at 14:33

Never mind, I got it working. It was expecting JSON so I had to to JSON.stringify(..datavalue), it works now. – Margalo 7/8, 2015 at 14:42

I know you got your answer accepted. It actually happens while creating a Web Form application and not changing the Authentication to No Authentication.

The default authentication we see as Authentication: Individual User Account

The error will not come if we change to Authentication: No Authentication

Pimento answered 17/11, 2016 at 14:30 Comment(1)

would like to point out that this does happen with 2017 VS (i use community ed) and web forms app, even with 'No Authentication'. I had to modify the routeconfig .cs as detailed above. – Mccray 17/5, 2018 at 3:16

My site was using ASP.NET forms authentication and I worked out by trial and error that I could only get it work if I called a web method with on an .asmx page and with contentType: "application/x-www-form-urlencoded" and dataType: "xml"

Dorton answered 22/2, 2018 at 8:22 Comment(0)

In my case the problem was in URL that calls Ajax.asmx this URL was not correct according to a webserver setup, e.g. "/qa/Handlers/AjaxLib.asmx/" worked for me instead of "/Handlers/AjaxLib.asmx/" (works fine on PROD servers in my particular situation):

  $.ajax({
  url: '/qa/Handlers/AjaxLib.asmx/' + action,
  type: "POST",
  async: false,
  data: data,
  contentType: "application/json; charset=utf-8",
  success: function () {

My AJAX was then called out of scope of my IIS virtual application directory "qa", hence Authorization error occured ({"Message":"Authentication failed.","StackTrace":null,"ExceptionType":"System.InvalidOperationException"}).

Ule answered 14/12, 2018 at 15:28 Comment(0)

To allow this Web Service to be called from script, using ASP.NET AJAX. Add the following attribute to the class

[System.Web.Script.Services.ScriptService]

I faced similar issue and the adding this attribute resolved it.

Peraza answered 21/11, 2019 at 9:22 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Problem solved

Recommended topics

Hot tags