简体繁体中英

IIS removes Authorization header from the http request, when the request is from outside my LAN

原文 2015-07-28 09:23:51 0 1 wcf/ authentication/ http-headers/ iis-7.5/ windows-server-2008-r2

I have an IIS 7.5 on Windows Server 2008 R2. It has the Basic, Anonymous and Windows Authentication modes enabled. I have hosted a restful WCF service in it.

I make an http request with Authorization header from my client within the LAN/VPN, all goes well. On the service side I could see that the OperationContext.Current.IncomingMessageHeaders contains the Authorization header with the right value.

When I attempt to do the same from outside the LAN/VPN, (I used a different Internet connection and also a public proxy), the OperationContext.Current.IncomingMessageHeaders seems to have missing Authorization header.

I am unsure as to what exactly removes the header. I suspect a misconfigured IIS. Any clues?

1 answers

如果您希望服务按照问题似乎总是进行Windows身份验证，请在IIS中删除禁用所有其他身份验证模式，则来自LAN的请求正在传递，可能是因为请求该请求的人来自Internet中的同一域（简单地说）将采用最少要求的身份验证模式，在这种情况下将为匿名模式。

IIS How to block http request from browser

Authorization Header is missing in Http request using WCF

How to Get the Authorization header from wcf request interceptor

Forward request from IIS based on custom logic

No HTTP request occurs when calling WCF Service from Silverlight client

Fiddler - Change HTTP Request Header

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic Realm’

"The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate'"

The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Negotiate,NTLM'

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question IIS How to block http request from browser Authorization Header is missing in Http request using WCF How to Get the Authorization header from wcf request interceptor Forward request from IIS based on custom logic No HTTP request occurs when calling WCF Service from Silverlight client Fiddler - Change HTTP Request Header The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic Realm’ "The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate'" The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Negotiate,NTLM'

Related Tags

IIS removes Authorization header from the http request, when the request is from outside my LAN

Question

1 answers

solution1 0 ACCPTED 2015-07-28 10:20:00

solution1
0 ACCPTED 2015-07-28 10:20:00