I'm trying to access an old ASP.NET-Api(API 1) via Angular 8. Because of CORS-Issues the access is handled via a proxy.conf.js
-File. (Found in another post)
var Agent = require("agentkeepalive");
var keepaliveAgent = new Agent({
maxSockets: 100,
keepAlive: true,
maxFreeSockets: 10,
keepAliveMsecs: 1000,
timeout: 60000,
keepAliveTimeout: 30000 // free socket keepalive for 30 seconds
});
var onProxyRes = function (proxyRes, req, res) {
var key = 'www-authenticate';
proxyRes.headers[key] = proxyRes.headers[key] && proxyRes.headers[key].split(',');
};
const PROXY_CONFIG = [
{
target: Application-Url,
context: "/api/",
secure: false,
changeOrigin: true,
auth: "LOGIN:PASS",
loglevel: "debug",
onProxyRes: onProxyRes,
agent: keepaliveAgent
}
];
module.exports = PROXY_CONFIG;
In the .NET-Application the only thing that hints to the authentification is the following line in the web.config
-File.
<authentication mode="Windows" />
When compiled and executed the following behavior occurs: A login-mask shows up which asks for windows-authentication. If the credentials are entered the mask closes and reopens again instantly. This behaviour continous endlessly.
Note: Accessing the api-endpoints via the commandline of the browser works perfectly fine.
You could use below PowerShell command to disable look back check:
New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name "DisableLoopbackCheck" -Value "1" -PropertyType dword
after changing the registry key restarts the machine.
or you could try below things:
set this code in your web.config file:
<authentication mode="Windows" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
and make sure that you set NTML as the first provider.
check that under Advanced Settings... the Extended Protection is set to Accept.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments