How to stop 401 response from TFS 2008

Question

How to stop 401 response from TFS 2008

Whenever a web request is executed using Visual Studio in TFS, Fiddler will display a 401 Unauthorized error. Visual Studio will then retry with the appropriate authorization header header, with which TFS will respond with the appropriate data and status code 200.

How can I get the right headers to send for the first time to stop 401?

0

tfs authorization http-status-code-401 tfs2008

Ray booysen Feb 24 '09 at 9:30

source share

3 answers

You will see that the web browser also does this when communicating with the website. He will always try to give the minimum amount of detail on the first call. If this fails, it will show you a little more about you.

This is for design and for a very good reason.

0

Chris simpson Feb 24 '09 at 9:45

source share

Here's how it's always done - request, return 401, then send authorization. This is part of the authentication protocol for http.

0

Brady moritz Apr 19 '11 at 5:06

source share

Martin woodward · Accepted Answer · 2009-02-24T10:40:41+0000

This is how Windows Integrated Authentication (NTLM) works. NTLM is a connection-based authentication mechanism and actually includes 3 calls to establish an authenticated session.

The TFS API then transitions to unusual lengths to make sure that this handshake is performed in the most efficient way. He will keep the authenticated connection open for a certain period of time to avoid this hand shake where possible. It will also perform initial authentication using the HTTP payload with minimal content, and then send a real message if the message you are about to send is a certain length. He also performs many other tricks to optimize the connection with TFS.

Basically, I would just leave him alone, as it works well.

How to stop 401 response from TFS 2008

More articles: