401 response for CORS request in IIS with Windows Auth enabled

by

You can allow only OPTIONS verb for anonymous users. 

<system.web>
  <authentication mode="Windows" />
    <authorization>
      <allow verbs="OPTIONS" users="*"/>
      <deny users="?" />
  </authorization>
</system.web>

According W3C specifications, browser excludes user credentials from CORS preflight: https://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#preflight-request

More Related Contents:

  1. Unable to authenticate to ASP.NET Web Api service with HttpClient
  2. ASP.NET Web API returns 404 for PUT only on some servers
  3. How to authorize CORS preflight request on IIS with Windows Authentication
  4. WebAPI CORS with Windows Authentication – allow Anonymous OPTIONS request
  5. How to make CORS Authentication in WebAPI 2?
  6. The ‘Access-Control-Allow-Origin’ header contains multiple values
  7. So, JSONP or CORS? [closed]
  8. Error :Request header field Content-Type is not allowed by Access-Control-Allow-Headers
  9. Enable CORS in Web API 2
  10. HTTP 404 Page Not Found in Web Api hosted in IIS 7.5
  11. CORS support for PUT and DELETE with ASP.NET Web API
  12. MVC web api: No ‘Access-Control-Allow-Origin’ header is present on the requested resource
  13. AngularJS CORS Issues
  14. IIS hijacks CORS Preflight OPTIONS request
  15. HTTP PUT not allowed in ASP.NET Web API
  16. How can I use JSON on the web page from a source with neither CORS nor JSONP? [closed]
  17. Unable to get windows authentication to work through local IIS
  18. Exceptions in ASP.NET Web API custom exception handler never reach top level when CORS is enabled
  19. CORS enabled but response for preflight has invalid HTTP status code 404 when POSTing JSON
  20. jQuery XML error ‘ No ‘Access-Control-Allow-Origin’ header is present on the requested resource.’
  21. Access-Control-Allow-Origin error sending a jQuery Post to Google API’s
  22. How to enable cors nodejs with express?
  23. What are the integrity and crossorigin attributes?
  24. Authentication issue when debugging in VS2013 – iis express
  25. WCFTestClient The HTTP request is unauthorized with client authentication scheme ‘Anonymous’
  26. Put content in HttpResponseMessage object?
  27. WebApi Json.NET custom date handling
  28. Routing in Asp.net Mvc 4 and Web Api
  29. Stop IIS 7.5 Application Pool Recycling
  30. What is the difference between DependencyResolver.SetResolver and HttpConfiguration.DependencyResolver in WebAPI

Leave a Comment