自托管的OWIN .NET 4.5 Web API 2不适用于Windows身份验证和https

Question

I am trying to get Web API 2 to work with Windows authentication and SSL. It looks like it can work with either one or the other, but when I enable both Windows authentication and SSL, I keep getting 401 responses from the server.

This is how we enable Windows authentication:

HttpListener listener = (HttpListener)appBuilder.Properties["System.Net.HttpListener"];
listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;

When running with just HTTP (no HTTPS), Windows authentication seems to work. I see 401 responses followed by a 200 response.

I am also trying to get it to work with HTTPS on my local machine.

I went through the following steps to enable HTTPS:

• Added a mapping to the server name in my hosts file
• Installed a certificate (with the help of this post )
• Reserved a URL ( https://+:10001/ )
• Ran the service under the reserved URL

Starting the service:

var startOptions = new StartOptions();
startOptions.Urls.Add(baseUrl); // baseUrl is "https://+:10001/"
_webApplication = WebApp.Start<Startup>(startOptions);

If I disable Windows authentication (comment out the 2 lines with HttpListener above), I can access the service using the HTTPS protocol. The browser recognizes the certificate.

When I enable Windows authentication, I keep getting 401 responses (in Fiddler I can see up to 6 401 responses for one request). A browser keeps prompting me to log in, and fails after a number of attempts with a 401 code.

I have been trying to find someone facing a similar problem. This post looked promising. However, the author did not seem to have any issues with the .NET 4.5 version of OWIN.

Could anyone please advise? Thank you!

Answer 1

Our problem was the authentication rather than SSL.

• Using AuthenticationSchemes.Ntlm helped
• The other problem was the correct registration of the server name within the organization, so that clients (developers' machines) could access it