Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Use Fiddler with Basic Authentication to access RESTful WebAPI

Tags:

rest

asp.net-web-api

fiddler

I have a WebAPI that works without issue. I have tested locally and deployed to my server and configured this service in IIS to use Basic Authentication. I am able to browse to my service and I receive the Authentication challenge I expect and all works swimmingly! Now I want to use Fiddler to test this and I have constructed a POST to a specific url and I got a 401 (Unauthorized) error. So I decided to add a base64 string in my Request Header and I am now getting a 500 error.

What I would like to know is, does my Request Header look correct? I am obviously going to obfuscate my Host and base64 string which contains the format username:password for the Authentication challenge.

User-Agent: Fiddler Host: xxx.xxx.xxx.xxx:xxxx Content-Length: 185 Content-Type: text/json Authorization: Basic jskadjfhlksadjhdflkjhiu9813ryiu34
like image 934
brianhevans Avatar asked Sep 19 '12 19:09

brianhevans

People also ask

How do I authenticate and authorize in Web API?

Web API assumes that authentication happens in the host. For web-hosting, the host is IIS, which uses HTTP modules for authentication. You can configure your project to use any of the authentication modules built in to IIS or ASP.NET, or write your own HTTP module to perform custom authentication.

How do I enable Basic authentication in Web API?

In IIS Manager, go to Features View, select Authentication, and enable Basic authentication. In your Web API project, add the [Authorize] attribute for any controller actions that need authentication. A client authenticates itself by setting the Authorization header in the request.

How do I add Basic authentication to Fiddler?

Creating a Basic Authentication RequestSelect the Composer tab. Set the HTTP/HTTPS method to GET and add the URL in the URL field. Create an object in the request Body and the user and passwd variables and their values. In this object, user and passwd are the predefined variables for the Basic Authentication.

2 Answers

Fiddler has a tool that does the Base64 for you. Just create your string: username:password and then go to Tools -> TextWizard and enter the username password combo and choose ToBase64. Copy and paste that into your Authorization header and you should be good to go.

like image 106
AlexGad Avatar answered Sep 25 '22 02:09

AlexGad

AlexGad is right. Once the ToBase64 encoding is created, under the header while composing the request, add the following line:

Authorization: Basic [encoded_value]

Now execute the request, it should work! :)

like image 29
Sunil Dabburi Avatar answered Sep 26 '22 02:09

Sunil Dabburi
Sign in to Comment

Related questions

Is using a verb in URL fundamentally incompatible with REST?
Content-Length header with HEAD requests?
What is difference between REST and API?
How to Solve 403 Error in Spring Boot Post Request
TypeError: db.collection is not a function
React frontend and REST API, CSRF
REST and authentication variants
Is ReST over websockets possible?
How do I read environment variables in Postman tests?
What are the DAO, DTO and Service layers in Spring Framework?
What MIME type if JSON is being returned by a REST API?
What is the HTTP response code for failed HTTP Delete operation?
can you add HTTPS functionality to a python flask web server?
S3 REST API and POST method
If transactions over REST are unachievable, how can REST ever be really useful? [closed]
Standard methods for documenting a RESTful API [closed]
Use http status 202 for asynchronous operations
REST API Authorization & Authentication (web + mobile)
Can I pass non-string to WCF RESTful service using UriTemplate?
Making authenticated POST requests with Spring RestTemplate for Android

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!