Incorrect return value on TryAuthenticate in mono

I have function which is doing authorization such kind:

But i have problem. When i don’t do authorization I get error 401 in IIS and in MONO error 404.

Win IIS

Nix Mono Nginx

Server parametrs:

Tell me please, how can i solve this problem.

Can you post a sample code which demonstrates the issue? Are your services marked with [Authenticate] attribute? If they marked then they require authentication first and that’s why you get “Unauthorized” error code when trying to get them before authentication

404 error on mono could be due to this setting in web.config:

<httpHandlers>
  <add path="*" type="ServiceStack.HttpHandlerFactory, ServiceStack" verb="*" />
</httpHandlers>

if you change it to

<httpHandlers>
  <add path="servicestack*" type="ServiceStack.HttpHandlerFactory, ServiceStack" verb="*" />
</httpHandlers>

then error should go away. (In this case ServiceStack services will be accessible by using /servicestack/you_service URL). But this is just guessing, without actual code it’s difficult to say what is the real cause of issue.

Hi Sergey, here is the project where the error are seen.

You may run it by mono and get the response. That you had written didn’t help, after those changes the project don’t start and write that the error in Web.conf

I ran your application on mono. When I open ‘/hello/world’ url, I’ve got a response “Hello, world!”, because this server is not marked as authentication required. If add [Authenticate] attribute to the service MyServices and try to access it by URL /hello/world it redirects to login, because user not authenticated.

To get access to the services which requires authentication you should call the service /auth/login with user credentials before any request to these services. In you case auth request will look like /auth/login?username=root&password=admin. After successful authentication you can call services with [Authenticate] attribute and you won’t get 401 - Unauthorized any more.

There may be services with [Authenticate] and without it, i don’t have some problems with it. My question about authentication process. After successful authentication i have no problem and everything OK, but when authentication hasn’t successed on Windwos platform a get 401 - Unauthorized errorr, however Mono return, that the page can’t be found.

Mono redirects request to login.aspx page when get ‘401 - Unathorized’. But the page does not exist in the project and this is why you get ‘404 - Not Found’ error . I will look what can be changed to make mono behaviour similar to IIS in this case and return 401 without redirect to login.aspx

Thanks a lot. I’ll wait

This is a mono authentication issue. Looks like mono uses forms authentication by default, while MSDN states that default authentication mode is Windows. https://msdn.microsoft.com/en-us/library/532aee0e(v=vs.100).aspx When forms authentication is enabled every 401 status code redirects to login.aspx page.

To resolve the issue and get ‘401 - Unauthorized’ when username/password do not match instead of redirecting to ‘login.aspx’ page you should add <authentication> element to web.config inside the <system.web> element:

<system.web>
   .......
  <authentication mode="None">
  </authentication>
</system.web>

This disables forms authentication and disables redirect to login.aspx page when authenticating using ServiceStack services.

thanks a lot, it’s working !