I added below lines in web config to fix the issue and it worked.

我在 web 配置中添加了以下几行来解决这个问题并且它起作用了。

   <security>
        <authorization>
            <add accessType="Allow" users="*" />
        </authorization>
    </security>

You can specify the username and password as part of the URL:

您可以指定用户名和密码作为 URL 的一部分：

http://username:[email protected]/foo/bar/baz

Note: Just because you candoesn't mean you should. While this can be a temporary solution to test things, I would not suggest doing this in production. And in the old days, this is how we did it. But as @DiskJunky points out, "URLs are easily visible to pretty much anything/anyone" which includes your browser history, server logs, and perhaps worse.

注意：仅仅因为你可以并不意味着你应该。虽然这可以是测试事物的临时解决方案，但我不建议在生产中这样做。在过去，我们就是这样做的。但正如@DiskJunky 指出的那样，“几乎任何人/任何人都可以轻松看到 URL”，其中包括您的浏览器历史记录、服务器日志，甚至可能更糟。

If you are using WebClient you need to set the Credientials. How are you calling the web api from the windows service?

如果您使用的是 WebClient，则需要设置凭据。你是如何从windows服务调用web api的？

I suspect that the two web services may be hosted on the same server. In this case, the problem may be caused by the loopback check. In order to test, try referencing the service without using the fully qualified domain name and see if it works. If it does, use the following steps to specify which host names are on the local computer.

我怀疑这两个 Web 服务可能托管在同一台服务器上。在这种情况下，问题可能是由环回检查引起的。为了进行测试，请尝试在不使用完全限定域名的情况下引用服务，看看它是否有效。如果是，请使用以下步骤指定本地计算机上的主机名。

Method 1: Specify host names (Preferred method if NTLM authentication is desired)(http://support.microsoft.com/kb/896861)

方法 1：指定主机名（如果需要 NTLM 身份验证的首选方法）（http://support.microsoft.com/kb/896861）

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

要指定映射到环回地址并可以连接到您计算机上的网站的主机名，请执行以下步骤：

1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base: 281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
4. Right-click MSV1_0, point to New, and then click Multi-String Value.
5. Type BackConnectionHostNames, and then press ENTER.
6. Right-click BackConnectionHostNames, and then click Modify.
7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
8. Quit Registry Editor, and then restart the IISAdmin service.

1. 将 DisableStrictNameChecking 注册表项设置为 1。有关如何执行此操作的详细信息，请单击下面的文章编号以查看 Microsoft 知识库中的文章：281308 连接到基于 Windows 2000 的计算机或 Windows Server 2003 上的 SMB 共享-基于计算机可能无法使用别名
2. 单击开始，单击运行，键入 regedit，然后单击确定。
3. 在注册表编辑器中，找到并单击以下注册表项：HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
4. 右键单击 MSV1_0，指向新建，然后单击多字符串值。
5. 键入 BackConnectionHostNames，然后按 Enter。
6. 右键单击 BackConnectionHostNames，然后单击修改。
7. 在“数值数据”框中，键入本地计算机上站点的主机名或主机名，然后单击“确定”。
8. 退出注册表编辑器，然后重新启动 IISAdmin 服务。

http://blogs.4ward.it/impersonation-issues-401-error-mvc-and-web-api-4-5/

http://blogs.4ward.it/impersonation-issues-401-error-mvc-and-web-api-4-5/

**Edited to be in the form of an answer and include detailed steps from referenced links

**编辑为答案的形式，并包含来自参考链接的详细步骤

My 2 cents: I faced a scenario where we were baffled by an HTTP 401 when requesting an image when the web application was deployed. We use WiX as our packaging and install solution. In this specific case, the image wasn't being packaged by the installer and hence the path did nor exist on the deployed instance.

我的 2 美分：我遇到了一个场景，在部署 Web 应用程序时请求图像时，我们被 HTTP 401 弄糊涂了。我们使用 WiX 作为我们的打包和安装解决方案。在这种特定情况下，安装程序未打包映像，因此该路径在部署的实例上不存在。

One may wonder why this threw a 401when a 404(not found) would have been expected - my understanding is that since our path was not directly under the root but something like root/content/images/image.png, and I made an anonymous request, I got a 401 (unauthorized) as I did not have the access to browse the directory. I confirmed this by adding an Authorization header to my request and then as expected I got a 404.

有人可能会问，为什么这个扔了401，当404（未找到），本来预计-我的理解是，既然我们的道路是没有直接的根源，但像根/内容/图像/ image.png下，我做了匿名请求，我收到了 401（未经授权），因为我无权浏览目录。我通过在我的请求中添加一个 Authorization 标头来确认这一点，然后正如预期的那样，我得到了一个404。