ASP.NET MVC 5 application with windows authentication.
WEB.CONFIG
...
<system.web>
<identity impersonate="true"/>
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
...
CONTROLLER
...
public class TemplatesController : Controller
{
// GET: Templates
public ActionResult Index()
{
HRDataContext ctx = new HRDataContext();
var l = ctx.SurveyTemplates.ToList();
return View(l);
}
[AllowAnonymous]
public ActionResult Update(SurveyTemplate value)
{
//OrderRepository.Update(value);
//var data = OrderRepository.GetAllRecords();
return Json(value, JsonRequestBehavior.AllowGet);
}
[AllowAnonymous]
public ActionResult Insert(SurveyTemplate value)
{
//OrderRepository.Add(value);
//var data = OrderRepository.GetAllRecords();
return Json(value, JsonRequestBehavior.AllowGet);
}
[AllowAnonymous]
public ActionResult Delete(int key)
{
//OrderRepository.Delete(key);
//var data = OrderRepository.GetAllRecords();
var data = new List<SurveyTemplate>();
return Json(data, JsonRequestBehavior.AllowGet);
}
}
...
VIEW
@(Html.EJ().Grid<SurveyTemplate>("grdTemplate")
.Datasource(ds => ds.Json(Model).UpdateURL("Update").InsertURL("Insert").RemoveURL("Delete").Adaptor(AdaptorType.RemoteSaveAdaptor))
.EnableRowHover(false)
.AllowSelection()
.IsResponsive()
.AllowFiltering()
.AllowSorting()
.FilterSettings(filter => { filter.FilterType(FilterType.Menu); })
.EditSettings(edit => { edit.AllowAdding().AllowDeleting().AllowEditing(); })
.ToolbarSettings(toolbar =>
{
toolbar.ShowToolbar().ToolbarItems(items =>
{
items.AddTool(ToolBarItems.Add);
items.AddTool(ToolBarItems.Edit);
items.AddTool(ToolBarItems.Delete);
items.AddTool(ToolBarItems.Update);
items.AddTool(ToolBarItems.Cancel);
});
})
.Columns(col =>
{
col.Field("SurveyTemplateId")
.HeaderText("Id")
.IsPrimaryKey(true)
.TextAlign(TextAlign.Right)
.Width(75)
.Visible(false)
.Add();
col.Field("Name").Width(100).Add();
col.Field("Description").Width(150).Add();
})
)
Application can render Index view, but when I edit data grid calls controller but server response 'not authorized'.
CONTROLLER RESPONSE
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-StackifyID: V1|80000147-0003-ff00-b63f-84710c7967bb|
X-SourceFiles: =?UTF-8?B?QzpcS2Fyb2xcUHJvamVrdHlcSFIgLSBPY2VuYSBQcmFjb3duaWthXEhSIC0gT2NlbmEgcHJhY293bmlrYVxPY2VuYVByYWNvd25pa2FORVdcSW5zZXJ0?=
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Tue, 03 Jan 2017 22:55:49 GMT
Content-Length: 6128
Proxy-Support: Session-Based-Authentication
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS 10.0 Detailed Error - 401.2 - Unauthorized</title>
<style type="text/css">
<!--
How to enable authorization in grid calls or how to disable authorization in this controller?
Problem solved.
Problem was in grid definition:
Datasource(ds => ds.Json(Model).UpdateURL("Update").InsertURL("Insert").RemoveURL("Delete").Adaptor(AdaptorType.RemoteSaveAdaptor))
should be:
Datasource(ds => ds.Json(Model).UpdateURL("Templates/Update").InsertURL("Templates/Insert").RemoveURL("Templates/Delete").Adaptor(AdaptorType.RemoteSaveAdaptor))
Url should be full not only Action name.