Reputation: 1017
NTLM authentication in WCF calling .net core API
I have a WCF service (A) that calls another WCF service (B) with the below configuration.
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
I'm working on calling service B from a .net core (v2.2) service. I have the below setup:
BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
basicHttpBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Ntlm;
basicHttpBinding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
// doesn't have Default as the option. Only TripleDes
//basicHttpBinding.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.TripleDes
basicHttpBinding.MaxReceivedMessageSize = int.MaxValue;
basicHttpBinding.ReceiveTimeout = new TimeSpan(250000000000);//Timespan in nanoseconds.
EndpointAddress endpointAddress = new EndpointAddress("http://");
customerServiceClient = new CustomerServiceClient(basicHttpBinding, endpointAddress);
NetworkCredential networkCredential = new NetworkCredential("user", "password", "domain");
customerServiceClient.ClientCredentials.Windows.ClientCredential = networkCredential;
customerServiceClient.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
I'm getting the error: Authentication failed because the connection could not be reused. Below is the partial stack of the exception:
{"Message":"Authentication failed because the connection could not be reused.","Data":{},"InnerException":{"Message":"Authentication failed because the connection could not be reused.","Data":{},"InnerException":null,"StackTrace":" at System.Net.Http.HttpConnection.DrainResponseAsync(HttpResponseMessage response)\r\n at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(HttpRequestMessage request, Uri authUri, ICredentials credentials, Boolean isProxyAuth, HttpConnection connection, HttpConnectionPool connectionPool, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.SendWithNtConnectionAuthAsync(HttpConnection connection, HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\r\n at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)\r\n at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n...
Please let me know how to get this fixed. Also, this API will be deployed into PCF.
Thanks, Arun
Upvotes: 2
Views: 4526
Answers (1)
Reputation: 7522
At present, NetCore doesn’t support message security mode. Thereby the below statement won’t work.
basicHttpBinding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
But the NetCore2.2 supports the WCF service with TransportCredentialOnly security mode.
Here is an example of invocating the service.
ServiceReference1.ServiceClient client = new ServiceReference1.ServiceClient();
NetworkCredential nc = new NetworkCredential("administrator", "abcd1234!");
client.ClientCredentials.Windows.ClientCredential = nc;
var result = client.TestAsync().Result;
Console.WriteLine(result);
After we add connected service reference, the binding settings and endpoints have already configured in the Reference.cs file.
We just need to modify the default service endpoint address.
Then we configure the Windows credential on the client-side. On my side, it works.
Please make sure your client project based on AspNet Core2.2
Besides, please refer to the discussion in the official Github repository. It might be useful to you.
https://github.com/dotnet/wcf/issues/2923
Feel free to let me know if there is anything I can help with.
Upvotes: 4
Related Questions
- Calling WCF service with NTLM auth from .NET Core on linux
- Authentication scheme in .net core calling wcf
- .Net Core WCF Client - NTLM Auth - 401
- .net core 2 and Higher : connected services WcfServiceClient SOAP with NTLM Authorization how to?
- NTLM authorization WCF in ASP.NET Core does not work
- Calling windows authenticated WCF service from c#
- Authenticate a call to a WCF service
- How do I authenticate a console application with a WCF web service using NTLM?
- WCF and Windows authentication
- WCF call with windows authentication