休息呼叫WebException 401仅在混合身份验证Webapp中未经授权

Question

I've come across a strange behaviour when trying to make a rest call from outside an SharePoint app (specificly from a .NET console application). As long as I use DefaultCredentials everything is fine, as long as my webapplication does not allow FBA (form based authentication) I'm able to hand over NetworkCredentials without problems.

But as soon as FBA authentication is activated I'm not able to make the rest call and 401 Unauthorized is returned.

var req = (HttpWebRequest)HttpWebRequest.Create("http://{url}/_api/web/title");
req.Method = "GET";
req.Credentials = new NetworkCredential("{user}", "{pass}");
req.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
var response = (HttpWebResponse)req.GetResponse();

I also tried this way to hand over credentials like this:

var req = (HttpWebRequest)HttpWebRequest.Create("http://{url}/_api/web/title");
req.Method = "GET";
req.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
var ccache = new CredentialCache();
ccache.Add(new Uri("http://{url}"), "Basic", new NetworkCredential("{user}", "{pass}"));
req.Credentials = ccache;
var response = (HttpWebResponse)req.GetResponse();

Does anyone have a hint or idea what could be wrong and how I can achieve my goal to access rest api with credentials in a mixed authentication web app?

Answer 1

A workaround that should work would be to extend your SharePoint web application to a second zone - and on that zone don't have FBA turned on. So you'd have something like this: www.mysharepointsite.com <- FBA + Windows Authentication access restapi.mysharepointsite.com <- Windows Authentication Only

And then just point your calls to restapi.mysharepointsite.com instead of www.mysharepointsite.com.