I have a question about Windows authentication with IIS and HttpListener.
I have the following setup (all installed on the same Windows 8.1 box; no outside communication). All requests are sent as http://localhost/......
IIS
ASP.Net web application authentication
Anonymous: Disabled
Windows Authentication: Enabled
.NET HttpListener
Running as a service under the Local System account, with Windows authentication enabled:
this.httpListener = new HttpListener();
this.httpListener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;
UWP Application (Windows 8.1)
The UWP application is just like a web browser. It has a WebView control to display web content.
The following capabilities are enabled:
- Enterprise Authentication
- Internet (Client)
- Location
- Private Networks (Client & Server)
Problem
When I navigate from the UWP app to the IIS web app, it asks for credentials by popping up a Windows dialog. This is annoying from a user-experience perspective because the user is logged in with the same credentials. But when I access the HttpListener, it authenticates correctly and there is no credentials dialog.
I also checked the requests through Fiddler. The initial request is identical, but in the next steps for the IIS request, it continuously asks for NTLM.
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate oYHOMIHLoAMKAQGhDAYKKwYBBAGCNwICC........
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Initial Request/Response
IIS
Request
GET http://localhost/webapp_net/ HTTP/1.1
Accept-Encoding: gzip, deflate
Host: localhost
Connection: Keep-Alive
Response
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Date: Tue, 20 Nov 2018 21:37:24 GMT
Content-Length: 6016
Proxy-Support: Session-Based-Authentication
HttpListener
Request
GET http://localhost/appman HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; WebView/2.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: localhost
Response
HTTP/1.1 401 Unauthorized
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
Date: Tue, 20 Nov 2018 21:37:18 GMT
Proxy-Support: Session-Based-Authentication
Does anyone have a similar experience or an explanation for this?
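
One way to inspect `WWW-Authenticate` challenges like those in the captures above (an added example, not code from the original post): it decodes the base64 token that follows `Negotiate` or `NTLM` and reports the SPNEGO negotiation state and the mechanism the server selected. The sample tokens are constructed, and the function and table names are illustrative.

```python
import base64

# Well-known GSS-API mechanism OIDs (DER value bytes) and SPNEGO negState values.
MECHS = {bytes.fromhex("2b06010401823702020a"): "NTLMSSP",
         bytes.fromhex("2a864886f712010202"): "Kerberos 5"}
NEG_STATES = {0: "accept-completed", 1: "accept-incomplete", 2: "reject", 3: "request-mic"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def describe_challenge(header_value):
    """Summarise one WWW-Authenticate header value from a 401 response."""
    scheme, _, token = header_value.strip().partition(" ")
    info = {"scheme": scheme, "has_token": bool(token.strip())}
    if not info["has_token"]:
        return info  # bare challenge: the server is only advertising the scheme
    raw = base64.b64decode(token.strip())
    if raw.startswith(b"NTLMSSP\x00"):  # raw NTLM message (1=negotiate, 2=challenge, 3=auth)
        info["mech"] = "NTLMSSP"
        info["ntlm_message_type"] = int.from_bytes(raw[8:12], "little")
        return info
    if len(raw) < 2 or raw[0] != 0xA1:
        return info  # not a SPNEGO NegTokenResp; left undecoded here
    _, body, _ = read_tlv(raw, 0)
    _, seq, _ = read_tlv(body, 0)  # inner SEQUENCE of optional fields
    pos = 0
    while pos < len(seq):
        ctx, field, pos = read_tlv(seq, pos)
        _, inner, _ = read_tlv(field, 0)
        if ctx == 0xA0:  # [0] negState
            info["neg_state"] = NEG_STATES.get(inner[0], "unknown")
        elif ctx == 0xA1:  # [1] supportedMech
            info["mech"] = MECHS.get(bytes(inner), inner.hex())
    return info

# Constructed samples (not taken from the captures above).
SPNEGO_SAMPLE = "Negotiate " + base64.b64encode(
    bytes.fromhex("a1153013a0030a0101a10c060a2b06010401823702020a")).decode()
NTLM_SAMPLE = "NTLM " + base64.b64encode(
    b"NTLMSSP\x00" + (2).to_bytes(4, "little") + bytes(8)).decode()
if __name__ == "__main__":
    print(*map(describe_challenge, ("Negotiate", SPNEGO_SAMPLE, NTLM_SAMPLE)), sep="\n")
```

Running the same function over each `WWW-Authenticate` value in the IIS and HttpListener responses shows, round by round, whether the server sent a bare scheme list or a token, and which mechanism that token names.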