Stack Overflow
Stack Overflow

Questions tagged [www-authenticate]

64 questions
1
vote
0 answers

How to set jwt token in WWW-Authenticate in hapijs?

I am able to create jwt on successful user login. But when I am using jwt strategy for other routes, I am getting 'WWW-Authenticate →Token' in the header also error comes : { "statusCode": 401, "error": "Unauthorized", "message":…
Garima
  • 1,566
  • 2
  • 11
  • 14
1
vote
1 answer

NetworkCredential 401 unauthorized HttpWebRequest

I have a problem when authenticating HttpWebRequest The remote server returned an error: (401) Unauthorized. This is my code: ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) =>…
T4mer
  • 430
  • 2
  • 7
  • 22
1
vote
0 answers

How to deal with anonymous login attempts when you allow both anonymous access and logged in users?

I have a framework that allows anonymous access as well as named user accounts. I'm exposing an OData resource on a certain URL. When configured as such, anonymous users can see parts of the resource and logged in users (through basic…
Sebastiaan van den Broek
  • 5,818
  • 7
  • 40
  • 73
1
vote
1 answer

HTTP Authentication on Google App Engine

I was hoping to authenticate my Google App Engine (GAE) website, making a "members only" page. I was hoping to match emails/member IDs in a Google SQL table to data input in the HTTP Authentication pop-up box, but I'm having difficulties. Below is…
WXMan
  • 310
  • 1
  • 12
1
vote
1 answer

Apache dynamic whitelist

I am looking for a solution for dynamic whitelist, so I do not need to restart apache2 service. I've tried to do something like this: order Deny,Allow include conf/IPList.conf Allow from all But this solution didnt work for me correctly. I've tried…
slawek
  • 55
  • 2
  • 9
1
vote
0 answers

Authenticate Header

I have web application that has Windows authentication running successfully until recently. I didn't do any changes to IIS configuration or code modification or user permissions change. I can log in to the application, but when javascript does…
YuraB
  • 11
  • 1
1
vote
1 answer

Apache - allow directory listing but downloading files require vaild-user

I want to allow my friends to view all files in directory without logging . But when they want to download file I want to authenticate them. How to do this ? Now I have something like this: AuthUserFile /var/....../.htpasswd AuthName "VIP" AuthType…
Filip Matysiak
  • 31
  • 2
1
vote
1 answer

Login to Java site with WWW::Scripter charset issue

I'm trying to login to a java website using WWW::Scripter module. Using the WWW::Mechanize module works fine, but once authenticated the site has JavaScript functions that I need to call - hence needing Scripter. After doing a large amount of…
Mike
  • 11
  • 1
1
vote
1 answer

Appropriate unauthorized response when using form based authentication

I have a web app that uses form based authentication. When an AJAX request fails due to session timeout, I need to send an appropriate notification. It looks like I could send: 403 Forbidden, but that implies "authorization will not help", which…
Brad Koch
  • 19,267
  • 19
  • 110
  • 137
0
votes
0 answers

Customize 401 Unauthorized response from AWS Lambda Authorizer

I am developing an API with AWS API Gateway, and the authorization to consume the API endpoints is based on JWT tokens. As a requirement, the server needs to follow strictly the behavior described in RFC 6750: "OAuth 2.0 Bearer Token Usage". In…
Jesus de Gregorio
  • 1
0
votes
0 answers

WWW-Authenticate is not being sent with HTML login form of Keycloak

As per this doc and as its item 4 says: renders the HTML login screen with status 401 and HTTP header WWW-Authenticate: Negotiate. In the meantime, I don't see anything like this in the response of my keycloak (WWW-Authenticate header is not…
Greg Semenov
  • 1
  • 1
0
votes
0 answers

unsure how to use/works WWW-Authenticate response header in practice

I was implementing a jwt-token authentication with the bearer scheme. I was wondering what is the best practice when returning 401 (Unauthorized). I was thinking about attaching WWW-Authenticate: Bearer realm="protected" to all the protected…
amongosus
  • 45
  • 6
0
votes
0 answers

Correct format for multiple authentication scheme for same realm WWW-Authenticate header

Which of the following makes more sense for WWW-Authenticate header? The specs aren't super clear on this. 1. WWW-Authenticate: Basic, Oauth realm="realm" OR 2. WWW-Authenticate: Basic realm="realm", Oauth realm="realm"
Gagandeep Singh
  • 53
  • 6
0
votes
3 answers

Python requests WWW-Authenticate missing in headers

I'm trying to access the WWW-Authenticate header after a GET request using Python's requests library. When I do this in Postman it returns it but in Python it doesn't. Python: import requests from requests.auth import HTTPBasicAuth headers = { …
AK91
  • 671
  • 2
  • 13
  • 35
0
votes
1 answer

Java socket Basic WWW-Authentication

I want to authenticate a socket connection in the Web browser by using the WWW-Authenticate: Basic header but no prompt for username and password comes up. How do go about it? public static void responseView(Socket socket) throws IOException { …
user8887673
1 2
3
4 5