jQuery AJAX post receives 405 error (HTTP verb POST not allowed)

jquery asp.net ajax rsa

10,913

Solution 1

Based on this:

The jQuery post and the web method both work wonderful in a Windows Authenticated environment (ie - users are authenticated by LDAP). However, I recently had to move the website to a server that uses RSA (two-factor authentication, pin and token code) for authenticating users in order to gain access to the site. And what I'm seeing now is that all my jQuery posts are returning "405 error".

It's clear that the error is related with the server configuration, but to be completely sure, if you can, create a new site in the RSA server and for this site disable the RSA authentication, try to browse your site just to be absolutely sure that the error is only related with the RSA authentication, discarding missing code-related components/configuration in the new server

Once you have discarded code-related configuration issues, I would encourage you to double check your RSA configuration (which can be tricky). Once I worked in a project using RSA security in order to implement a SSO across servers. (Single Sign On), I remember there was a RSA ISAPI filter installed at the server level, and this filter was in charge to read/set authentication cookies in order to authenticate each request against an Active Directory Server.

Since each request was managed by this filter and this ISAPI filter was at the top of the pipeline, every request had to be handled by the RSA ISAPI filter first in order to be authenticated

So my suggestion is double check the RSA configuration in order to detect if there's something blocking your AJAX posts

I remember the RSA configuration was like a black magic box, we didn't have enough documentation and configuring it was a PITA. I sincerely hope this is not the case in your organization

Solution 2

The 405 HTTP Code is the "Method Not Allowed" code. So, you have some incorrect setting in your new architecture. It is certainly a server misconfiguration. This error could stem from a number of places and without access to your server it's going to be pretty hard for someone else to tell you what's going on. But maybe I can give you some starting points...

Have you double checked your web.config? That would be a common place for an error like this to stem from.

Have you checked your IIS logs? That would also be a very good place to start.

What happens if you try to POST without setting the contentType of your request? Maybe your page is not setup to receive JSON requests.

Have you tried using Fiddler? Try sending the POST request from an external client.

Update

A few more suggestions:

Have you tried disabling SSL? I would disable it just to make sure that the problem is not SSL-related.

Are you doing any URL rewriting? If so this could certainly be related.

Can you POST to any URLs successfully? Maybe IIS has POST disabled altogether. If so, here is an article that could help you enabled it, and here is a thread that might help as well.

Have you tried adding HttpPost into your web.config? Something like this:

<webServices>
   <protocols>
      <add name="HttpPost" />
   </protocols>
</webServices>

10,913

Author by

Jagd

If there was a bronze badge for "Asked a dumb question", I'd have a whole lot of bronze badges.

Updated on June 15, 2022

Comments

Jagd almost 2 years
I have the following jQuery post to an ASP.NET webmethod:
```
$.ajax({
    type: "POST",
    url: "AjaxWebMethods.aspx/UpdNote",
    contentType: "application/json; charset=utf-8",
    data: "{'ID' : '" + id + "', 'note' : '" + note + "' }",
    dataType: "json",
    success: UpdNote_Success,
    error: AjaxError
});
```
And the web method is declared:
```
[System.Web.Services.WebMethod(enableSession: true)]
public static int UpdNote(int ID, string note) {
    // business logic that eventually returns a number, but simplifying
    // ... for the sake of brevity
    int retNum = 99;

    return retNum;
}
```
The jQuery post and the web method both work wonderful in a Windows Authenticated environment (ie - users are authenticated by LDAP). However, I recently had to move the website to a server that uses RSA (two-factor authentication, pin and token code) for authenticating users in order to gain access to the site. And what I'm seeing now is that all my jQuery posts are returning "405 error".

Cross-site requests comes to mind, obviously, but none of that is going on here. All of the jQuery AJAX posts are using web methods that are declared in the AjaxWebMethods.aspx, which page resides in the site's own domain.

Thanks in advance for any help or suggestions!

EDIT:

Using Fiddler in IE8 gives me a little more information. The error code that it returns is still 405, but the server error is more descriptive. The server error is "The HTTP verb POST used to access path '/AjaxWebMethods.aspx/UpdNote' is not allowed."

I did try changing the type parameter of the ajax request to GET, but I get a 404 instead (The resource cannot be found).

Also, forgot to mention that this is over SSL (although I don't expect this would make a difference).

EDIT:

After extensive testing (and extensive help from the astute members of stackoverflow) I've determined that 405 error is directly related to the Application Pool that the website is using, and more specifically to the Managed Pipeline Mode that is selected for the Application Pool.

If I use an Application Pool that targets v4.0 (.NET Framework) and Integrated (Managed Pipeline Mode) then my AJAX post works just fine. But if I use an Application Pool that targets v4.0 and Classic (Managed Pipeline Mode) then I get the 405 error.

So at this point I'm still looking for a solution to this question, although I've been able to home-in on the problem.