How to Suppress the Browser's Authentication Dialog

How can I suppress the browser's authentication dialog?

I don't think this is possible -- if you use the browser's HTTP client implementation, it will always pop up that dialog. Two hacks come to mind:

1. Maybe Flash handles this differently (I haven't tried yet), so having a flash movie make the request might help.

2. You can set up a 'proxie' for the service that you're accessing on your own server, and have it modify the authentication headers a bit, so that the browser doesn't recognise them.

how to prevent browsers authentication dialog angularjs

I solved my own issue and I answer my own question.

I find this answer and I applied. After that browsers authentication modal dialog hidden.

How to suppress the browser's authentication required dialog when doing an ajax call that requires authentication?

I've solved this problem by putting a proxy in between the browser and the service that requires authentication, in my case, a java servlet. The browser sends the AJAX request to the servlet, which forwards the request to the service, then sends back the services' response, omitting the "WWW-Authenticate" header. Your browser app. handles the HTTP 200 or 401 response code accordingly.

Similarly, the proxy could always return a 200 with a json response indicating the results of the forwarded request. This way you can discern the difference between a failure of your proxy and the response of the service.

One tricky thing you may have to deal with - if the far-end service responds with a set-cookie header, say because it's created a session for your client, then you have (at least) 2 possible paths to take.

1. your proxy will remember the cookie, your browser app. always goes through the proxy for this service, and the proxy adds this cookie to the subsequent forwarded requests.
   or
2. you ignore the service's cookie, and have the browser re-authenticate directly with the service once you've verified the username and password via the proxy. Though this may have the side-effect of creating an orphaned session with the service

Suppress browser authentication login dialog for a controller method that is using an [Authorize] action filter

Unfortunately, ASP.NET (and thus MVC) conflates Authorization and Authentication in may scenarios.

Check this question for a solution.

Why does AuthorizeAttribute redirect to the login page for authentication and authorization failures?

Prevent browser authentication dialog on 401

Moved the site to an IIS8 server and now the problem has gone...

How to disable browser basic authentication popup - Angular 5 + Spring Security

if you have the problem that you got a login popup when you send wrong credentials, its maybe because of your header.

Have you tried

headers = headers.append("X-Requested-With", "XMLHttpRequest");

append is not appending directly the header but returning a new header

Ajax authentication without letting browser pop up login dialog

The browser won't present the password dialog if it doesn't recognize the authentication scheme in the WWW-Authenticate header. Your best bet may be to continue using basic auth on the server while setting the header manually to something like "Basic/MyApp" for 401 responses.

---

Related Topics