I am unable to successfully call a WCF service with NTLM authentication from .NET Core running on a linux box (docker container). The same code works perfectly on Windows 10 though.
What I have done:
ConfigureServices
:AppContext.SetSwitch("System.Net.Http.UseSocketsHttpHandler", false);
apt-get -y install gss-ntlmssp
var client = new WcfServiceSoapClient();
client.Endpoint.Address = new EndpointAddress(settings.Uri);
client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
client.ClientCredentials.Windows.ClientCredential = new NetworkCredential
{
Domain = settings.Domain,
UserName = settings.Username,
Password = settings.Password
};
var binding = (BasicHttpBinding)client.Endpoint.Binding;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Ntlm;
As mentioned this works fine on Windows 10. On Linux the following error is logged:
System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM, Negotiate'.
at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannelProxy.TaskCreator.<>c__DisplayClass1_0.<CreateGenericTask>b__0(IAsyncResult asyncResult)
Question is: why is it still failing on linux?
I had the same problem and was able to fix it, with a lot of help from the guys on the net core GitHub.
Essentially net core uses the underlying OS to handle http calls. Before, on Linux libCurl was used, but the newer SocketsHttpHandler uses gss, which doesn't come with ntlm support (at least not in the 'microsoft/dotnet:2.2-aspnetcore-runtime-stretch-slim' image).
To fix this you need to install an extra library in your container, using the docker file. Right after
FROM microsoft/dotnet:2.2-aspnetcore-runtime-stretch-slim
(Or whatever image you use)
on the next line add the following:
RUN apt-get update && apt-get install -y --no-install-recommends apt-utils gss-ntlmssp
Hope this helps!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With