1

I am working on locking down various sections of an internal application's web api controller actions. Currently, we are using Windows Authentication and a custom role provider. When making ajax calls to the API, I would like to prevent the credentials prompt from showing up when the current user is not authorized to access the given api method. We have a custom authorization filter for our MVC controller actions (NOT WEBAPI), but am not having much luck in preventing that prompt from showing up when making AJAX calls to a webapi action.

Is it possible to just deny/grant access via an authorize attribute and prevent that annoying login prompt from showing up?

DeeDub
  • 1,654
  • 1
  • 12
  • 18
  • 1
    please show your custom authorization filter code.. – ssilas777 Jan 29 '14 at 17:19
  • the custom authorization filter we are using is used only for MVC controller actions, not webapi. Thus, it would have no impact for this question. – DeeDub Jan 29 '14 at 17:20
  • Possible duplicate of [Why does AuthorizeAttribute redirect to the login page for authentication and authorization failures?](http://stackoverflow.com/questions/238437/why-does-authorizeattribute-redirect-to-the-login-page-for-authentication-and-au) – Crispy Jan 15 '16 at 22:40

0 Answers0