locked
HttpClient always send NTLM package

    Question

  • We use HttpClient to connect our server, we will got bug in this case. when our server enable authentication, client use below code, we can connect to server, then server disable authentication, client connect to server fail, because client still send NTLM negotiation package. 

                HttpBaseProtocolFilter filter = new HttpBaseProtocolFilter();
                filter.AllowUI = false;
    
                filter.ServerCredential = new Windows.Security.Credentials.PasswordCredential(uri[i], username, password);
                filter.CacheControl.ReadBehavior = HttpCacheReadBehavior.Default;
                filter.CacheControl.WriteBehavior = HttpCacheWriteBehavior.NoCache;
                HttpClient client = new HttpClient(filter);
                var httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, new Uri(uri[i]));
                HttpStringContent content = new HttpStringContent(msg[i], Windows.Storage.Streams.UnicodeEncoding.Utf8 , "application/json");
                httpRequestMessage.Content = content;
    
                var response = await httpClient.SendRequestAsync(httpRequestMessage);
                string respStr = await resp.Content.ReadAsStringAsync();

    we set filter.ServerCredential = null and hope client send normal package to server, but client still send NTLM negotiate package. i upload the network trace package to below url https://onedrive.live.com/redir?resid=37605595D960067C%21105

    this is right package capture .https://onedrive.live.com/redir?resid=37605595D960067C%211812


    Thursday, July 31, 2014 7:29 AM

All replies

  • What scenario do you have where you change the server authentication type?  There might be an issue here, but the setup is really weird.

    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.

    Thursday, July 31, 2014 12:21 PM
    Moderator
  • Is this the same scenario as your other thread?

    Matt Small - Microsoft Escalation Engineer - Forum Moderator
    If my reply answers your question, please mark this post as answered.

    NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined objects and unknown namespaces.

    Thursday, July 31, 2014 3:25 PM
    Moderator
  • Our server support LDAP account login or local account login.

    success:server enable LDAP login, Client use LDAP account login firstly, and send NTLM package to server, and login success.

    server disable LDAP login, Client use local account login firstly, send normal package to server, and login success.

    Failure: server enable LDAP login, Client use LDAP account login firstly, login success, then server disable LDAP login, Client change to local accont to login, client still send NTLM package, cause login failure.

    we donot konw how to control HTTPClient use NTLM authentication. because we set filter.ServerCredential = null is no useful.

    Friday, August 01, 2014 3:06 AM
  • have any update about how contorl HTTPclient use NTLM authentication?

    i just confirm filter.ServerCredential = null is not work.

    Tuesday, August 05, 2014 6:12 AM