Portal Engine Questions on portal engine and web parts.
Version 6.x > Portal Engine > Can't get RESTful authentication hash for forms auth to work View modes: 
User avatar
Certified Developer v6
Certified Developer v6
hoppe - 1/7/2013 1:10:52 PM
   
Can't get RESTful authentication hash for forms auth to work
I implemented a restful request and it works for typical authenticated users. I'm trying to use the authentication hash to get it to work with unauthenticated users as well, but the query returns 401 unauthorized in that case.

I used the generate authentication hash tool to generate this URL: /rest/content/site/surroundhealth/en-us/document/Topics?hash=bb986066ae533bbff82e3255675dd88c090af8986934a9edef2fd12082e4aa3d

Why doesn't this work? It's just a GET request.

I saw someone mention on this post https://devnet.kentico.com/Forums/f56/fp1/t24091/Problems-using-the-RESTful-service.aspx that authentication hashes only work for authenticated requests. Is that true? I don't see that documented anywhere.

User avatar
Kentico Support
Kentico Support
kentico_zdenekc - 1/20/2013 9:30:44 AM
   
RE:Can't get RESTful authentication hash for forms auth to work
Hi,

The hash autentication for REST requests works with both authentication types.
The problem is in the hash. It has to be based on full (absolute) URL, i.e. including the domain, so please use the pattern:
http://<yourDomain>{/yourAppVirtualDirectory}/rest/content/site/surroundhealth/en-us/document/Topics?
to generate REST url with correct authentication hash. The {} part is optional if you use virtual directory. Just a note - I would recommend not to publish any functional REST query with authentication hash publicly if it's not intended :) (to keep your data secure)

As for the mentions from the other thread - It wouldn't make sense then to offer the hash authentication, if the user had to be authenticated first :)
It was probably guessed from the behavior, that the authenticated users that try the hashed request (created from url without domain) will see it works if you set the REST to use Forms authentication, as they're forms-authenticated at the moment. The unauthenticated will see the logon prompt and when you use the basic authentication, the 401 will occur.

The hash authentication has higher priority so it's tried first (when there is a hash at all), then the standard authentication methods take place and if both fail, you get 401.

Hope this sheds some more light to the issue.
Should you need any additional details, please feel free to ask.

Regards,
Zdenek C

User avatar
Certified Developer v6
Certified Developer v6
hoppe - 1/25/2013 12:27:48 PM
   
RE:Can't get RESTful authentication hash for forms auth to work
Thanks! That finally made it work.

You should get rid of the requirement that the URL must have an absolute URL. I never would have known that if you didn't tell me!

If not provided, you should be able to use the referrer header to determine which Kentico site I'm on :)

User avatar
Kentico Support
Kentico Support
kentico_zdenekc - 1/31/2013 1:44:26 AM
   
RE:Can't get RESTful authentication hash for forms auth to work
Hi,
Thank you for the feedback and suggestion.
I have forwarded it to our developers and technical writers, so we could both improve the documentation (give some hint of the required absolute URL) and consider adding the functionality to automatically ensure the full URL if only a relative one was entered.

Regards,
Zdenek