How to prevent browser to invoke basic auth popup and handle 401 error using Jquery?
I need to send authorization request using basic auth. I have successfully implemented this using jquery. However when I get 401 error basic auth browser popup is opened and jquery ajax error callback is not called.
Solution 1:
I was facing this issue recently, too. Since you can't change the browser's default behavior of showing the popup in case of a 401
(basic or digest authentication), there are two ways to fix this:
- Change the server response to not return a
401
. Return a200
code instead and handle this in your jQuery client. -
Change the method that you're using for authorization to a custom value in your header. Browsers will display the popup for Basic and Digest. You have to change this on both the client and the server.
headers : { "Authorization" : "BasicCustom" }
Please also take a look at this for an example of using jQuery with Basic Auth.
Solution 2:
Return a generic 400 status code, and then process that client-side.
Or you can keep the 401, and not return the WWW-Authenticate header, which is really what the browser is responding to with the authentication popup. If the WWW-Authenticate header is missing, then the browser won't prompt for credentials.
Solution 3:
You can suppress basic auth popup with request url looking like this:
https://username:[email protected]/admin/...
If you get 401 error (wrong username or password) it will be correctly handled with jquery error callback. It can cause some security issues (in case of http protocol instead of https), but it's works.
UPD: This solution support will be removed in Chrome 59