how can authenticate a client on a different machine on a WebAPI with a user from WebAPI's domain?
Question
I have an ASP.NET Web Api 2.2 with Windows Authentication enabled.
And also, I have a client with .NET Framework 4.0 to connect to this WebAPI:
HttpClientHandler handler = new HttpClientHandler()
{
UseDefaultCredentials = true
};
// Llamar al servicio web para obtener los códigos.
using (var client = new HttpClient(handler))
{
}
But the client will run in a computer that it isn't on the same domain than the web api.
Is UseDefaultCredentials = true enought or do I have to pass user, password and domain to the web service?
1 answers
solution1
1 2015-04-30 10:13:23
IIS is going to try and authenticate the HTTP request coming in using Windows Authentication and it's going to fail because the box is on a different domain. None of your server side code is going to execute. Take a look at the HTTP request/response flow in Fiddler or a browsers developer tools to understand the process of Windows Authentication better.
You could create a page on the server with anonymous access enabled which could run some authentication code but you'd need to consider how you're going to send the username and password over securely...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.