Add an AutomaticChallenge option to disable HttpSys from adding auth headers on 401
#5.888 aberto em 18 de jun. de 2018
Métricas do repositório
- Stars
- (37.933 stars)
- Métricas de merge de PR
- (Mesclagem média 16d 9h) (258 fundiu PRs em 30d)
Description
Hi , I have a REST API appilcation hosted on HTTP.Sys with windows authetication option enabled . The REST API is protected by "Bearer" authentication scheme . Once the API invoked with invalid token the authentication scheme returns 401 with "WWW-Authenticate" "Bearer" header . Since application is hosted on HTTP.Sys the additional "WWW-Authenticate" "Negotiate" header has been added by AuthenticationManager of Http.Sys . The application uses windows authentication only in the user authentication endpoint . Is there a way to add windows authentication to specific route once hosted on http.sys ?