If I go to http://www.domain.com/rest/cms.country from a browser I am prompted with a login box. No combination of username/password will log me in. I just keep getting the login box. I've tried various users all of which are known global admin.
If I login to Kentico first and then access the link I get a list of countries. If I generate an authentication hash in the settings and use that it also works. I know that my rest is configured properly and that it works. I'm just not able to authenticate.
- I've tried on both K7 and K8.
- I have reviewed and confirmed everything in this article (https://docs.kentico.com/display/K8/Configuring+the+REST+service)
- As well as this article (https://docs.kentico.com/display/K8/Authenticating+REST+requests).
- I've tried Basic authentication as well as Forms with the same result
- I've tried using the browser
- I've tried using the Advanced Rest Client Google extension
- I've tried all manner of .net code combinations.
- I've tried using Ajax.
Nothing works. Clearly something in my web.config or settings isn't correct and it isn't correct on at least 5 of our server instances.
Does anyone have any idea why I can't authenticate against the rest services?
UPDATE: I saw an article about enabling settings in IIS so I turned on most of the IIS Roles in the OS. That didn't help.
I did find something interesting. If I requested data from a custom table it would work but if requested a base object (eg /rest/CMS.User, /rest/CMS.Country) it wouldn't work. I started playing around with how credentials are passed. The user for all calls is a Global Admin just to eliminate object permissions as an issue.
I had been passing credentials like:
CredentialCache mycache = new CredentialCache();
mycache.Add(new Uri(urlHelperInfo.URL), "Basic", new NetworkCredential(urlHelperInfo.Username, urlHelperInfo.Password));
httpRequest.Credentials = mycache;
This worked for custom table data but not base objects (as mentioned above).
However, if I just encoded it and slapped it on the header like below, I was able to request and get data from base objects (/rest/CMS.Country).
String encoded = System.Convert.ToBase64String(System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes(username + ":" + password));
httpRequest.Headers.Add("Authorization", "Basic " + encoded);
I'm not terribly thrilled with this. Can anyone shed some light on how this is working?