Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Mads Larsen 9 posts 40 karma points
    Mar 06, 2015 @ 11:01
    Mads Larsen
    0

    7.2.2 - WebApi UmbracoAuthorize attribute always returns "Authorization has been denied for this request."

    I installed a fresh Umbraco 7.2.1. The only thing I created in the solution was this WebApi controller:

    [Umbraco.Web.WebApi.UmbracoAuthorize]
    public class ApiTestController : Umbraco.Web.WebApi.UmbracoApiController
    {    public string GetData()
        {
            return "hello";
        }
    }

    Hitting that controller (.../umbraco/api/apitest/getdata) returns "hello" as long as I'm also logged into backoffice.

    I then upgraded Umbraco to 7.2.2.

    Now when trying to hit the controller again (after ensuring I am logged into back office) the controller returns "Authorization has been denied for this request." The user has the "Administrator" user type.

    Looking at the change log for 7.2.2 it doesn't appear that anything was changed in this part of Umbraco. So the question is, am I looking at a bug here?

    Info:

    • Umbraco Version: 7.2.2
    • asp.net version: 4.5
    • Windows and iis version: Windows 8.1 with IIS 8.5

     

  • Sören Deger 733 posts 2844 karma points c-trib
    Mar 06, 2015 @ 11:04
    Sören Deger
    0

    Hi Mads,

    have you hit the controller directly after the upgrade? If so please clear your cache and recycle the application pool. Maybe your browser is in the old session from your previous version.

     

    Best,

    Sören

  • Mads Larsen 9 posts 40 karma points
    Mar 06, 2015 @ 12:09
    Mads Larsen
    0

    @Sören - I've just tried to do as you suggest, but I does not help.

    Originally the development team I'm in experienced the problem on another Umbraco solution that was upgraded til 7.2.2. So I created a clean standalone Umbraco 7.2.1 solution and upgraded to 7.2.2 to verify the issue. Now, I've just tried installing a fresh 7.2.2 and the issue is also here. So it doesn't appear to be an upgrade issue.

  • Sören Deger 733 posts 2844 karma points c-trib
    Mar 06, 2015 @ 13:08
    Sören Deger
    0

    Hi Mads,

    I have already no time to check this in a own 7.2.2.

    But maybe this is related to this issue:

    http://umbraco.com/follow-us/blog-archive/2014/1/17/heads-up,-breaking-change-coming-in-702-and-62

     

    Hope this helps?


    Best,

    Sören

  • Sören Deger 733 posts 2844 karma points c-trib
    Mar 06, 2015 @ 13:28
    Sören Deger
    0

    Hi Mads,

    inherit from UmbracoAuthorizedApiController instead of UmbracoApiController:

    public class ApiTestController : Umbraco.Web.WebApi.UmbracoAuthorizedApiController


    Best,

    Sören

  • Sören Deger 733 posts 2844 karma points c-trib
    Mar 07, 2015 @ 14:37
    Sören Deger
    101

    Hi Mads,

    Were you able to solve the problem? Now I have tested it in 7.2.2 and I had a similar issue. But with the link from the umbraco blog I was able to solve it.

    Here is the topic in which my solution is described:

    https://our.umbraco.org/forum/umbraco-7/developing-umbraco-7-packages/61985-401-unauthorized-from-UmbracoApiController-after-update-to-722?p=0#comment210823

    Tell me about it just in case you still have problems, and if I can help you :)
     

    Best.

    Sören

  • Mads Larsen 9 posts 40 karma points
    Mar 09, 2015 @ 10:45
    Mads Larsen
    1

    @Sören - I got it working. It was a combination of inheriting from UmbracoAuthorizedApiController and using the new (not so well documented) back office url. For me it was not necessary explicitly setting the [IsBackOffice] attribute, as you describe in your topic, since this is inherited from UmbracoAuthorizedApiController.

    So, if others stumble upon this thread, the url for accessing back office webapi controllers is: .../umbraco/backoffice/api/{controller}/{action}

     

  • Sören Deger 733 posts 2844 karma points c-trib
    Mar 09, 2015 @ 10:53
    Sören Deger
    0

    Great, thank you for the answer! I'm glad that it is now also works for you. Please can you mark the entry with the solution above as solved so that others simply can directly find the solution?

    Best,

    Sören

Please Sign in or register to post replies

Write your reply to:

Draft