naspinski
naspinski

Reputation: 34717

Asp.Net Core SignalR with Windows Authentication (401)

I am simply trying to get SignalR to work with Asp.Net Core on IIS. It works great locally (of course), but when deployed I get:

HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).

This is happening when

await hub.StartAsync();

is called, in my IIS I have:

enter image description here

This is an intranet site, and this is required.

I am currently initializing the Hubs like this:Hub = new HubConnectionBuilder()
    .WithUrl(navMan.ToAbsoluteUri(hubPath), options =>
    {
        options.Transports = Microsoft.AspNetCore.Http.Connections.HttpTransportType.WebSockets;
        options.UseDefaultCredentials = true;
    })
    .WithAutomaticReconnect()
    .Build();

At this point, I have changed everything around so much I don't know which way is up. I guess my question is: how do I get this working in an Asp.Net Core environment? Can it work? What else do you need form me to troubleshoot? Thank you.

EDIT: Looks to be a known issues: https://github.com/dotnet/aspnetcore/issues/25000

Upvotes: 0

Views: 2188

Answers (2)

kevinpo
kevinpo

Reputation: 1963

I am using .NET Framework and a self-hosted server, not ASP.NET Core. I'm not sure if that matters for this type of issue though.

I tried setting my site as Trusted, tried with and without the FQDN, and tried adding the NameUserIdProvider. None of that worked when connecting to another machine. Locally, I was able to connect using "localhost" or my local hostname, both with and without FQDN. Even locally though, I tried modifying my hosts file to point "localhost2" to 127.0.0.1 and it failed. It's like there was some sort of special validation against true Active Directory before it was actually pass the credentials.

For me, the only way I found to prevent the 401 was to connect via the IP address instead of the hostname. I am using a .NET client also, so I was able to use the following to still reference the hostname but translate it to an IP address.

var hostEntry = Dns.GetHostEntry(hubMachineName);
var ipAddress = hostEntry.AddressList[0];

var url = $"http://{ipAddress}:8080/hubName";

Upvotes: 0

JohanThorild
JohanThorild

Reputation: 143

Also came across this exception when building an Blazor Server chat app with windows authentication. Googled a bit found this Authentication and authorization in ASP.NET Core SignalR - Windows authentication

I added the NameUserIdProvider class, added it to Startup.cs and no more issue.

Upvotes: 1

Related Questions