Reputation: 41
ASP.NET Web API - NTLM authentication and HTTPS
I have the following configuration:
- self-hosted ASP.NET Web API
- ASP.NET MVC 3 web application
Web app [2] comunicates with Web API [1] over HTTPS. They both (for now) live on the same machine.
Http binding for the Web API [1] is configured like that:
httpBinding.Security.Mode = HttpBindingSecurityMode.Transport;
httpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
httpBinding.TransferMode = TransferMode.Streamed
I cannot make it work using https AND ntlm authorization.
- If I communicate over plain http it works and I'm properly authenticated
- If I communicate over https it gives me "401 Unauthorized" error for all controller actions which have [Authorize] tag (it works for actions which do not require authorization though)
Why changing ONLY the transport protocol (from http to https) stops NTLM authentication from working?
Thanks for any help with that!
Upvotes: 4
Views: 3810
Answers (1)
Reputation: 1130
@Jacek Nowak I have run into the same problem myself and today I just came across the answer which is detailed in the following post.
Below is how I would code it up.
public class NTLMSelfHostConfiguration : HttpSelfHostConfiguration
{
public NTLMSelfHostConfiguration(string baseAddress) : base(baseAddress) { }
public NTLMSelfHostConfiguration(Uri baseAddress) : base(baseAddress) { }
protected override BindingParameterCollection OnConfigureBinding(HttpBinding httpBinding)
{
httpBinding.Security.Mode = HttpBindingSecurityMode.TransportCredentialOnly;
httpBinding.Security.Transport.ClientCredentialType = System.ServiceModel.HttpClientCredentialType.Ntlm;
httpBinding.ConfigureTransportBindingElement =
element => element.AuthenticationScheme =
System.Net.AuthenticationSchemes.IntegratedWindowsAuthentication;
return base.OnConfigureBinding(httpBinding);
}
}
public static class Program()
{
public static void main(string[] args)
{
var config = new NTLMSelfHostConfiguration("https://localhost/");
config.Routes.MapHttpRoute("Main",
"api/{controller}");
var server = new HttpSelfHostServer(config);
server.OpenAsync().Wait();
Console.WriteLine("Running");
Console.ReadLine();
server.CloseAsync().Wait();
}
}
Upvotes: 2
Related Questions
- Sending HTTP Headers with HTTP Web Request for NTLM Authentication
- .NET Core 3.1 WebApi project + NTLM Authentication
- Use NTLM Authentication in Web Request in .NET Core
- How to enable both CORS support and NTLM authentication
- Unable to add NTLM authentication to my C# MVC app
- NTLM authentication over HTTP
- HTTPS is required for security reason for Authenticate user
- Allow https Web Api connections
- Need Users to Re-authenticate with NTLM
- HttpWebRequest over HTTPS with NTLM not working