SignalR in ASP.Net Core 401 Unauthorized

Question

I have a small problem with my UWP app. First, the UWP app has the following capabilities:

• Enterprise Authentication
• Shared user certificates
• Private Networks
• User Account Information

Now I want to connect to a SignalR-Hub in an ASP.NET Core 2.1 Web API. The hub looks like this:

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.SignalR;

namespace Test.Namespace
{
    [Authorize]
    public class SyncHub : Hub
    {
        public void SendUpdate()
        {
            Clients.All.SendAsync("Update");
        }
    }
}

And this is my Startup.cs:

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace Test.Namespace
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddSignalR();
            services.AddSingleton<IUserIdProvider, NameUserIdProvider>();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();

            app.UseSignalR(routes =>
            {
                routes.MapHub<SyncHub>("/syncHub");
            });
            app.UseMvc();
        }
    }
}

The whole API runs on an IIS with Windows Authentication configured. The Active Directory runs on the same machine.

And this is how my UWP app calls the Service:

            HubConnection connection = new HubConnectionBuilder().WithUrl("http://Server:81/syncHub", options => {
                options.UseDefaultCredentials = true;
            }).Build();
            await connection.StartAsync();

This call always throws a 401.

What am I doing wrong? I work on this Problem for more than a week now and I can't figure out why it is not working.

Thanks to all who will help me :)

Edit: So I tried a few thinks today and found out, that this is not a problem of SignalR itself.I created a ASP.NET Core console app with the exact same call and everything works fine. It also works when I hardcode the credentials in the UWP app. It only doesn't work when I use "UseDefaultCredentials" in UWP. I am completly clueless. I have rechecked the capabilities but this doesn't help either.

Answer 1

Finally!

The answer was realy hard to find, but now it is working! According to this site: https://support.microsoft.com/en-us/help/303650/intranet-site-is-identified-as-an-internet-site-when-you-use-an-fqdn-o

the app identifies the call as a call to the internet and therefore does not allow sending the default credentials. I must add this page manually to the local Intranet sites with the Internet Explorer and than it worked like a charm.

Thank to all who helped me with this :)

Answer 2

It seems app.UseHttpsRedirection(); fail to redirect the client credentials.

Try to make a test with https url.

var hubConnectionBuilder = new HubConnectionBuilder();
var hubConnection = hubConnectionBuilder.WithUrl("https://localhost:44381/timeHub",options => {
    options.UseDefaultCredentials = true;
}).Build();
await hubConnection.StartAsync();