I am trying to this tutorial to my project:
I set header: SOAPAction as http://somuri.com/IHubService/processAirLFSearch
and my body looks like:
<?xml version="1.0" encoding="utf-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://someuri.com">
<soapenv:Header/>
<soapenv:Body>
<OTA_AirLowFareSearchRQ>
...
</OTA_AirLowFareSearchRQ>
</soapenv:Body>
</soapenv:Envelope>
finally my url to service is: http://localhost:24030/HubService.svc
But I constantly this error:
HTTP/1.1 415 Cannot process the message because the content type
'application/octet-stream' was not the expected type 'text/xml;
charset=utf-8'.
What am I doing wrong?
By the way here what looks like my project screen shot:
What captured in fiddler:
This is successful request header
POST http://mycomputer:8989/MyService.svc HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "http://someuri.com/Login"
Content-Length: 389
Host: mycomputer:8989
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
and this is unsuccessful request header
POST http://mycomputer:8989/MyService.svc HTTP/1.1
SOAPAction: http://someuir.com/Login
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept: */*
Accept-Language: en-US
Accept-Encoding: GZIP
Host: mcomputer:8989
Content-Length: 1604
Expect: 100-continue
Connection: Keep-Alive
So it is missing
Content-Type: text/xml;charset=UTF-8
So in visual studio in web performance test setting Content-type on String body solves problem
Related
I have the same code as below targeting .Net Framework 4.6.2 and .Net Core 5 but seems to yield different authentication behavior.
The .Net Framework version works fine with WWW-Authenticate: Negotiate but the same code fails with the .Net Core version.
Here's the code snippet that I'm using for both.
var server = "https://www.example.com";
var client = new HttpClient(new HttpClientHandler { UseDefaultCredentials = true }) { BaseAddress = new Uri(server) };
var response = await client.GetAsync("/api/token");
var result = response.Content.ReadAsStringAsync().Result;
Console.WriteLine(result);
And here's the entire failure response.
StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Cache-Control: no-cache
Pragma: no-cache
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
Date: Fri, 02 Jul 2021 08:30:51 GMT
Content-Type: application/json; charset=utf-8
Expires: -1
Content-Length: 68
}
Is there anything else I missed in the .Net Core version?
I created a Blazor application with Windows authentication and hosting with Kestrel/Negotiate following the steps. (https://learn.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-3.0&tabs=visual-studio#kestrel)
Create Blazor app with Windows Authentication
Create a Blazor application using Visual Studio 2019 (16.4.0). (Windows Authentication, https)
Support Windows Authentication using Negotiate and Kerberos
Following the steps to make all work when running using Kestrel.
Import NuGet package Microsoft.AspNetCore.Authentication.Negotiate
Add the following code in ConfigureService() in Startup.cs.
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
Add the following code in Configure() in Startup.cs. They are added between app.UseRouting(); and app.UseEndpoints(...;
app.UseAuthentication();
app.UseAuthorization();
Windows Authentication not working. Add middleware ValidateAuthentication
It still doesn't work with Windows Authentication until the answer from this question is applied.
Add this in your Configure method:
app.UseMiddleware<ValidateAuthentication>();
Here is the middleware itself:
internal class ValidateAuthentication : IMiddleware
{
public async Task InvokeAsync(HttpContext context, RequestDelegate next)
{
if (context.User.Identity.IsAuthenticated)
await next(context);
else
await context.ChallengeAsync();
}
}
And in ConfigureServices :
services.AddSingleton<ValidateAuthentication>();
Now it works on the local PC.
And the following code is added to CreateHostBuilder() in Program.cs for remotely.
webBuilder.UseUrls(new string[] { "https://*:5001", "http://*:5000" });
Not work on another computer!
However, it pops up a window for the user name/password (it's Windows authentication and shouldn't ask for it again) and gets the following error on my company computer.
When trying at home PCs, it just shows the following message without popup window for username/password.
The output window shows
Request starting HTTP/1.1 GET https://mymachinename:5001/
info: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler[0]
None
info: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler[1]
Incomplete Negotiate handshake, sending an additional 401 Negotiate challenge.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 5.3618ms 401
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '/_blazor'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 5.6983ms 200 text/plain
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '/_blazor'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 5.331ms 200 text/plain
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 GET https://MyMachineName:5001/
fail: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler[5]
An exception occurred while processing the authentication request.
System.InvalidOperationException: An anonymous request was received in between authentication handshake requests.
at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]
An unhandled exception has occurred while executing the request.
System.InvalidOperationException: An anonymous request was received in between authentication handshake requests.
at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 80.1697ms 500 text/html; charset=utf-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '/_blazor'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 11.6024ms 200 text/plain
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
I got the prompt when capturing the network traffice
Session #13: The server (us005) presented a certificate that did not validate, due to RemoteCertificateNameMismatch, RemoteCertificateChainErrors.
0 - A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
SAN: localhost
SUBJECT: CN=localhost
ISSUER: CN=localhost
This warning can be disabled by clicking Tools > Options.
It asks for username/password after I chose ignore the warning. Why it asks for username/password?
The sessions before popup the username/password:
GET https://us005:8091/ HTTP/1.1
Host: us005:8091
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 401 Unauthorized
Date: Fri, 06 Dec 2019 23:11:38 GMT
Server: Kestrel
Content-Length: 0
WWW-Authenticate: Negotiate
Strict-Transport-Security: max-age=2592000
Proxy-Support: Session-Based-Authentication
------------------------------------------------------------------
GET https://us005:8091/ HTTP/1.1
Host: us005:8091
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Negotiate YIIUvQYGKwYBBQUCoIIUsTCCFK2gMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCFHcEghRzYIIUbwYJKoZIhvcSAQICAQBughReMIIUWqADAgEFoQMCAQ6iBwMFACAAAACjghJtYYISaTCCEmWgAwIBBaETGxFHQkwuQUQuSEVEQU5JLk5FVKIwMC6gAwIBAqEnMCUbBEhUVFAbHXVzd2xscHJpMDA1LmdibC5hZC5oZWRhbmkubmV0o4ISFTCCEhGgAwIBEqEDAgE/ooISAwSCEf8SPyfVTTIyEghWZnkJmimTadjkmX2k7PMXqFzw5igbGi0rxsNo9kBfA7dXq1NrSCgXDM5moPXdON//Tr6FjxeSkgPd7CTgZCsg8/65iMbkcK9QcbP7taholjBVJDNF810PrsS7jLsIPodS7frM4KTGSXTfrItoCXt0HwVhhQnF81ajnV/MIKoUokDJtJVRlGKurK078JM2Wvik6JAkgj35Xstr4rEbgs6a4SnYGBKiIpFErnNOmYZyL8LyZ4RS09UwJ9jboMIHmKOTG/8ZwuKHoA8G1I/lFc44xoKnz9OqboYr6x9UsnooIZAgYxZ43oO1P+B6xwwu7qgOFPSSW+GSJdErlQYKJP5L9CI1d+jJhgnw9bxqVBT30B055DQYyM0UXWTwHx8TeyIf2rhVsqtvxpiEVXx1F6zB9IpU9770fu4orK6IDowTGOxGuYexl39kdfpweJarJjSQ7cmXOrs7FnZHUVgR6N+OpEoRExAoNEfgqjDE5+HlhbXQ7FQSkOHXN82bdEzSM9ER4EvHCK25vycKyNmyTpwwdC3qSnF6HKYKRAlUt+jCtM8WeKfrrjoripVMFxaBrb6wHGNemGXC7VbJxDBIv/3UVQDWlBSjygkjjhXSWVLCzJRoyGwTII+zIj86O6URFzXpNk5QD2estXKpszMGLRqcl/5kDycjbhw+s/izB3T3hreQPEALhTK+qBy78R6AHNaR/NP7ErVALUoT28Dx1829DLooVaNZ6f9dhbpj9oMe9msLHv/VQr2ychKZdB6meL0j+I+zrVS1krus42BxOcHEbfj3zb22nf2jR5fL94GPaWH/E5WoYEC/NAAIqpI/AAxwtLBTL8dJN9PvwIhMRIUhncnt+6bTpcEK4WGRwwFDQ92pKJMfdwpQU+SULlYIT7Jl+Ew+UlelxAGEM3YcYVanSZOYmtKUFSrj9B8ro+So9A/0Nal0y5+ULhKBOgH/TA8Luc2Dkq5blHEnG5uH1zHwjgcAcBd0WKzY75aX2lXCyM74wobJh2Gkp7Gij1cyzOeNTMUxmmvzFztNhKq8ENhWNY88AExAopaxujA/1smq2QjgreDNRhOi4aDAMbCdCY1UJbfgVWq8qc228cn74WndySUf+Xu0anJW+2DB8i9FxEje0hYEU2MGzFWms1nanHh2KTh/veEEts8gpcnO8fIqTg9Vdf+n9VNY/GedLGxtwFERozvVzKRrTS1alOBs613xzkJtiCtV7VbiPSDv8PjwOVXlfBY3Xqcf/r06KlIc7JrAMNvE5lA2MpqKvJlrCpLNCZFSx/areR9NniZdCWe9hiwnM72oyZdrM7itB56dkiNAIEMwUWpQLMznDMeYG4b37ysCMcm9YlRP++uqYYsfGjVQTwVeoiH2CfdFdyiFTs6zvRFjDC81Qa3jf1V7xbCKSY0OxZcrC04GpOvEuVb/csixFHvXTfqtVBs/p78iLRGfmNSe1maMHiY9Y5vDXBmybs9IfATT5tZoImy6VKMNb/G1eigcbPJIBujUgxJ8urxIfALoFrqjIRJPwzX0WOAs9rL4GgUtaods1J1G+VmjJGBCNCqKyKPcNTtWkDpL8ll9CzQ7cziAd3ezh/V7vtDEzjbPO8gz82Ee6j+GoVP/Jr2KvAOCjz6igZYExRQDITd2D2bj09VSC7PUNuBfdPuBWjOOWMAuKGpISBQAV/V2CpriDui1wDKQLYIcdfJF2fMzaAbWWy52DtEDM7Tu+pXdZKpLSXHYjX1GOBE6W0SMmF1ryf27wCGe3PciPg3GkvBV9XitmJp/EQieAtKr0SXNbe/JDTFwRra4fymwoPEiW3iCyUv7dNMX207YLzyxbGehOjTrcOwZQY7ssCGOqea0OcmMHJ0KFBp76N4qtJhNP1okUtxxv7kNUZWiYTCXt8kZVTkbHcPreVVEzJWD8ysH7QLNLrimkn1WE0On1Aju2WrlmaVq7K5zHEq3uDPL3nRIo/6jGEWmy2gSmK3f+n+GYhZ9xlmV/mmvHt8b3dnmkQqA3quj4pi19joBGaYh4HNCerhiRomaOYFGpEYpR2RIysmttMbhRsBiM46MQA4TdJDFQ9/iQPkUDdVr807sZfoIy82ulgjM7zjMm+l+JBNC48QnDBJnRG2G9gDg0PHsA7hpmKvSjLumNOjcktu9BaY+dyaApsUnfCyL/bwC7yZ0Z0YK2X/f74etGd0QGb1zQJrOINAItLVvWTkPoV3Bjo0T5BA2EluZIGMsyXW0i1Rco6KxJuikJzBQQ4Fqk0Q0vxY/zMcuZX8ojrdiZj0pU8YSrE0ucnBTuW+pOUyrtiZ9E2Oc205qjoGPvS9bJkuuYwO0FtpQw1StLt5L8/TDsddOymDPesVn4oD0SCirfVomElCjG9nmMOQIAjBh/H9zaKObz2CzkgXs4GaB2NkumkFge/kLml7ILsak5fofgjnkBniiCf+9fzoudmgQcq0eIX9DGeAbvku1UTrr1avy6qbeJtRPTO1vKQ/JcKFjKxTSNArgxoh/Lq5u/Vj3G314Kr9327zP2L87BYpTMp1Y9EHRJ+Ov/Qr2qw3QuVcreU27OcidkN8F1vQT16gPG15Eqa+89P67OrrxJLaExOpxeKRmyYtfnvW0IN9pdLjgpA/4hNDkxAE/SrXa/Res8wkjtqeBP3WCVALG4qfGQSRAxn2MMBTni/kWSbBq8Ve2luSdJDYyCvMzmdXzocwSs3rGgn+jVxkoqr31gHZsiRB6GOM8wReT2gTRwGsqmivTvh/dxguz/BCTUp64uDgUBH2Det2PqECRs8EyRz9VTNt6vjBdcLj5cltD/eX/8TpY0WkIId5Hfucs7vKxrsG94xGzo+/3r9OWedEASicg61JPgO0NHYL8kuH2IuTFua2RUG0mOMkL8cCbbE7SY5qrlk8OR4xUW1AbPUwMy8pMx7r2KMye+0dpwZcIhuz9IzpknROQaSEwaUaIiLqs+GPCdX0KtCKlZ3DCmjdGVPMFS3cGSvhh3djqhIVBvnd8M8+bWH+20TRVfrOpVG2eHEwLlYAbTbZE25d3HdLPbazLXNv9osR/Ac7bvu7iuu3L0Q4mnOfb7Pw8Yq7K/85hqXZbu8flvc0ewGXylSeio4ra/UG+f7uEeuAC4qOR49VGnHajhkkUAFwOs13qrGrwmT2dv58tUm3E7XnI9UerZGd0KeDQ5M1VIggttn3GdOo2f51XI8DxEFUSNvi3Zm63TFRtjQJgGqWd020ado19zKNVMtSLN8ZmpgoN0JxGwogeK560xFMENkWI94gC2ODU5W9ktIy9ZHqqSAtrRN/IwLtxwcv3aSjjRxlA2igAZVEO1jwXb1okH7WI1GhYB8Ln103l3U1Bxmeg8BwjpjH+roPMUCbkBsKP1L1ITKrgq0hHddnHVsIeITuBS81ycq/xzLu00ya+HK3Pt22z6hP2k2ismjz0hw5Vm/20lZMmSMl4/jxjLi5IN4KxYEc/yve6tmB/bMne5G57sXQuGu8muFE8AnWwuis6alnxiCKt0mbSJ27rMFt3SqiLjNQiSayIIVtuZMMCCKlPSqvurIpqWTA4ZNougULazbt7qviOOVUv2WgcnlufbZVbSGN8ukZYWSwHqvyumsUwhoxpgvGqwheb+GVuDXfOqdQoqhmFYyyJr8WI33SyFz6/jjSydYiBeWKD5Fz2frCsHzBkqib9afcYpzhvv7/8x550udAuFvL+Z1/kyLlzf0ZpnN9xfJs1izEYwKLZEAbve4rEiQLS1fupMufsrvPIWzj4V2Zy+/GpX0kVifY9f0I8HWj8cTB1f3VB51qNiFXAqPKpAHixhnh3WU6WQl9Y56+tEmTuY9NPSUNmkDL3isBZNjWKltNZ12aYvYXHbgysP1yz+AtSWYm/+ytFIIsYRq6NtQ4jJiRKpq6hLz7uI/eOZ4jVINo1X2T3gN7y7xXNemGCNIOt3qdSw9XQnpobw8R0PIFHltbiZvJHmpL6e6yQDeVyxP/gVZNexC7hWu3yKi0Cf5XnnuBvYrzHwgFTdBTyO2xSXn49Tllmc/Jn76E6nqVcOXN056jdareX9OCFNFhR4tnjcEL0lzSEvHcVkj9BGfNcBYQyj70nXk35z4697CMn9lCR0tDb+hHhkLTBACENQJB5eTGIdlm1VM65GYKmvE+Nwh0I4rtjVucdxi+23v+6sxkOq9qmQG7zekVKsR//MayuN8eaCe6vYYAxACrLwTmq3hMYlnFDF8Lct0aEm7jDUaFQCVDxy0sgqimP+pBfbj2gpm9r1dZ45o8aWSulRJ0hGWTduHwWGpb6BWjPLeaBlyR2ZHJD5vyxTjtZirl9+YwEYXdKh4zMm3B+AMUbO68rX63fUogEEz/p7dolcEkHQoC5zdjb+bOy9vqhm5JJxUnWExNhK/V9eBJPH2XV2pAJUyj0x4T7gefMu0nXQM56fY3RFf62YYM1thsyhe9wV3ei3JDwZi3ZJ2UM3iW0gLjHD+/HJXzaLPZptvkNwbAKxO0xLq0ZhdAR8pU9chCB/o+jiKYUpdrF0ZxoWIJo7r1LLkP77heFsOJpf/rkq145GHD7KgglJtnxXh7XI3m5mpnWlZmYRD9TqyIO9vOZhgN8rJNKppSqDzmaQsYihM4xcKjBj2DDxSYXpxseC1ACmU0N072h7fP4JgmegoavlL3JBaJrImltwpuZMqy6seYGL8woQpvZcB/+UwHe2sJPcik/f7fSYWI89MjE239HhGm6CAT2wa/K5AzDBomOqC31eU8FAzO0r3EgdNczOxo/QuG5EM5515s3MkoFG1/Popj0gsB4576MZPcXOy9SJ4GFHfr/TpFeOfU6rUjF+oKT5t1FrMQUTqsmm/D0Eu6MXyt4mRqJF+RxieKw1TQqfdTjo78xCkvmqEiwYbJ5z5d2ddlgN8f8wqS6YBuG5itcRov97Ux6sPmLJj14LekuBp/daACorN6w72FQkPvP4Fr09XGXVUe/ASGWtAQQrz/wqfU9uqeH5isVS0R9dTkdXDUOnjJ5CgKh6yArgVs1QKFsiIChMgKW7zqldg2c1Nk5Yznc7e8g3sjeYnZVHLs+J3lu3Rr+sB4DuRsXQ9IYe1h4m0ka8QfaraVoJa1PDUzTbXg7kuxkTNsmO1+oYP4Vv3f/NP3TnJ1+iHWozrlzvLkRxaMgKhM+I2ELt7QIKSyOYjBAtCL2i37a6KpQoToqpbxoHfDYX1z7RYKkzzufDwn6j3ewsJ1Mtuy6/ODmtEtt0L8AiDYGnzh9JfqetNbXOnGkzC5WnbYlJwARILJGPjBY5wKMq1TH2f4bPrMwUV6QyDxm2I9I5dQexzuJINMIRkDxtZ3LEZlZWzQzTCsyz8if/6XagfuTb7F+sJ3e6PeyNfF9vLXg1feLu/Xlls8O4i25lbloUDy1PzIqzNFdTWVCyAG+I4hzWcSHEtfodIsEFl0O3vPQCjSOI+vFAdkDdmyw8PNwD3tHrV8FslSO5pm8HEPoQAe7/26/soy/Xmm9e1sX0XKPQknLpLAI/yoM6a1ZxcayDClzc8x/yjJvw/IV6x7IHLimdKbn8IL/fY+/Ie8vjixqpsiGFJMYH1TNr1T4nfdN5XgoI2w3PV3P5bp1orCXMOtF+T2d3l3dbV9YkXoat0Ct6FbL6Sk83IyfTDpFJzd560OCo0pRF67Po0DhPNbJ2SJHWqQn4ty4geCvHDMYoemNdpwVGwQAWrmJ70TgiGR5bWjx/9EkLiUbsYdMf42fzZz4yvZ7mdeaUKKxbCqJQayLeqnH8HQyCiy8cK+IuB67G2KokT8tUKFnne6GUCWncaK2XKErV63pEZH/FidlQBulVLw8p/T00MFiPlfa5Hu9hZhgjjxjRWo8iFSQrs7qK+m3vTdYntN89z4LB8zY1yam0xVLH6rNUYhgfZorHlF8yuS0ORHHZTQ3qsy+GkXBXzoK/gLwMQyT8c9J+2RhglnJ+XDyArMsvSCpVzNiLhBfUTgbK6iwYJVpEgA+LfX5x2sw3zs8RvBY/Ul8htlY1hnilvmWSRfJd+NHvXQVTng4z9lQV2odUKDIFkiL++wg4zJq+R0XgKfqm6SUmhZu5OJ+jYwsOgOOL1mhD0qP1/Bfy/PZV52NXJ1w4qc+O+afY7HvV43V02Y82/IqZ6SCAdIwggHOoAMCARKiggHFBIIBwSS4hy3oR17Czx0xy9V2qFSCcgYkEm4KET9Jr9JzG+j/gmsNM7ZKBPu/hZEXeDf/Mmw7P36iWwXvm+UcRMfvnMg10Mxo1tAVgUc0JXiBCFyOfTIfkenUmFfN25TP72NgibBMnwSzI5BubaI0VMFwUwoG4UPwt3K98gLLQ6sLZ3G6mbKn9NHOjNktuK+QkK/JzK6TLopduWbhUH/oQFvNPIVyoO3zau0LNKj+RG0DXTKeMlSD7RsK8W/V1nzVL83AjxUbunzbo9PvYGBvgHlnZys+ssc7Cuv8y1Q/IEie8XLeKLob0GyyU2DH+ObzGEwg3H+cs/vto7RJYPKNmIz03BkTm4t737h2l+XN8U3zrCeVERojst8edwbLrbOR3lFC7g43gdF1TnIDGwA4xjM4G7GcTsHfpR9HqHchkmccwWQ9/quoJuzO6zYuLuWG9cIh2AgYM2w1ghEYfz9bdIc7wY9vNNFp0P9glOamEQplg5DBLd24udA111d6o/V+1ht9v4vaGmArg+gHqoinHxlo4+eugjMYHlswdBqCU+2Ssk1hRM+yyQXzN9MMP2a9LPqd6pSwp4VjbfN38r5dkR+nzgUN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 401 Unauthorized
Date: Fri, 06 Dec 2019 23:11:38 GMT
Server: Kestrel
Content-Length: 0
WWW-Authenticate: Negotiate oYIITTCCCEmgAwoBAaELBgkqhkiC9xIBAgKigggzBIIIL2CCCCsGCSqGSIb3EgECAgMAfoIIGjCCCBagAwIBBaEDAgEepBEYDzIwMTkxMjA2MjMxMTM5WqUEAgIFSaYDAgFFqRMbEUdCTC5BRC5IRURBTkkuTkVUqhQwEqADAgEBoQswCRsHeXdhbmc3MKyCB78Egge7MIIHt6ADAgEFoQMCARGiggepYYIHpTCCB6GgAwIBBaETGxFHQkwuQUQuSEVEQU5JLk5FVKImMCSgAwIBAqEdMBsbBmtyYnRndBsRR0JMLkFELkhFREFOSS5ORVSjggdbMIIHV6ADAgESoQMCAQKiggdJBIIHRdQ4UpEul5It2IfV0VxSLUsX4uc+V3gbJ33ccdb/ZODIHHzJAG0POTyi9BKWPNX7y6FVJYev+eyoMkD1elsDj9ZpExk7PKst30cM0wyI0ywx7H4ZTRaD1wfHX3c+TV3Kr6jyljkzENPLbyaGIgayi9L1pLcj+GRxfKLRauCYsg1obt9iO/MVGF81G1xBiJAdJraiS96R+QMTeCN8T8sSEAMioFs1dUTquG4heFT/P6rtHoikPGWIEQHLEBOIoWMWW1dWz64YF9wJsMm6nQcTWTUbxOuxds97uU58/lqLqgbSE15B2YPSM0Zj8QA+nf9idS84MifA0F/6lvHbBC6FRaizG38e1Qf9/0YvP8wJ4QDGHCK+ZpxYbwJXTOBYvnRMg2ohl+wtirDDgjC5oD5ac+MXwI/HtKILf8wzZ0rTvxAKhN9kErpyQi5w/Ft/kJdBATOOMbFmrzOjYM3tUTzMfLUCIcP12PGUiXWsp8KiTuUyadJsYiPqthq2mhoEqz9qazQ2ZopZsPxMY2EKyhTSeIe+ScXW89cJ5ArX8qKRsG7QnpTL6/reGytFwSOnAnHlkapdO3oTE8TvfxdPXk4kEiLQ9xO2Q3LezTyWKM4x5xg3+XiZMlis3vBIX67qtibSGY+PwuJuuXfzW3Ksefiv7zBu2x/r4vIcJN8rM3s4NlHEG2sgnwjboko3+CoSKcA20mnJUKVnEvjD4HFcJyUsIcUHCELTlMw+IHrGzWllT/rpPDCHdwfWWPUuHP2zzEndgGwzwsA64PG+w8NgfqKvJXDP3gOIqiTbRgxmdVgQGiJ1V5e9rLWHOWAatqnEoF/24nTb3s2cqR3+HYmiMjNZPA51oDd+cTzixA5EvbxhvXjIsAs3GEk4D6epxZHxb1fSUxYetxpOo2dOwZIeGHpZFWDYPqvKx4ksmm2ctZTL4iss896+dGmlOYlO+6kONlfBTHGyPMeVGS8L9JJ3rvDFFvKshYIV3Bc5RRlxSmxhw9zACiaRlFFVAYVGAJJOnYFMG+YLdgDG/GQy/mvUn/PY7Y1YyjpgLY5WLlv5fg2WpMNwDurpyFRvMH2ZzR7gveoO/m20fo/jUcmHG309fAT+EluOKZfEcoMz11PyLNjg8Uz5Z/NORN9XuUWWnBI4P12XRWVoc+N2BomhW/w24uEbRpV+FEMPzOZvoZTzlASfvbuhy04On1qPDb32r2m5fxh8ILScndUKEJ8NM9U+mf0ZTMzvsuHuZWT/FTq4WhFDKDPvTcCtcKxaddvlWvVAerMtKQqP0kvsUi/v8agu4lpNPgCbfyJqKJym+xyryWMxPzlOrrMY9x34gOelkJhxPsuk8bg8TXO6i9i1xC7Q4VSoQYrxs+DZjfoQAKutzteNUpuVt6q5P/LaM//8ZWLrIRFPe2UUlyvh4MhsA2CBoOUsVFMGdYsP162tuLMTWf0jy9NZNGbeYCA4pqWvZMnPCGYob4ftTMQqWNHHPzzKw8kV8o/fpKNKRIBn5btPizzRoN+brrA00wj3zRvlPVW3CJcqaB1GoTgMxp7JpMyDIiQ+NxPhP4NXLAtNRw1gsfjbwYZkwtRbbOr9OoCAmYGWXvxRPO9pfniK69lv6FprSohEDrzqY++ClIxhGbAen4jfvx7au2UBivTwH5SHdfrWHVS9rWh3hiG+Idn56ARxZWxjrTJXkXTsSeZM887M91ZDiWySho4t37Au3qrTa7MzaxquzYkYWVN0k5KWi0NXnJ411gs6WUin1exMSLdwamIry9AZ2bQh0eu4mVzVJ4q7wHq/PgTsIQzhHlhnkf6xkZXie8y62anM6z8dzQoTXbQPhvSg9QfEsOchmBjlGJmofPt9yZr/HQ9eGk2bncNKkh8sBNyShEcFt0jQbANkD9X1izM3zN3gBqJox8FLi1egCvyH98lU/Stx8dHFmT4/nnGhpZuW+Qig+aSU3jCgcKIJshWTqSGjSbQc/AC4TYiBqn8z+X6fLDzQ5y/Q4oyilC0JKfGLqopXQJJOlE7OEA21KuzqzmJuma1E9QQ4PABndykDA7PcGgTZrbCKrOqxPeE6FH6mv54LfPlXrmrzb7BtIiLhuPaaCQME/fRwPwoWEwcwv9aiihSJ8Ot7kd2hxCTtVMi/ce8NjH4uGaRrLh+TQr+OVPWXPbie/Y8mQnK290BZ23I8S/VJhUcog8v99A9GtRS9IpXrOan/Mt9Gyqax1rJiQSmRJJkulXZ5gD/8lneMkJdz0q9/PWb6jtF10Fx00bOv72NDo9S5Q6TGZXBDca2bZFi5TeGQhL/2kg1LkHuMgCb2B5dDCxFJV+a77UFqFEtjOg5jobDDHaDA2Rfbgxh9q74Es+Ix7CG0ByZhdkvtAG5x1ri741hQMgtnD55IAM9FYQuen39ET3epXqYMy/nAZat090C/AT/swsE/B6tFv22iS4NQ0ckarQJ206ylZFcEwUOhhllXixvIdH5UG73IsCrFMUU=
Strict-Transport-Security: max-age=2592000
Proxy-Support: Session-Based-Authentication
------------------------------------------------------------------
GET https://us005:8091/ HTTP/1.1
Host: us005:8091
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 401 Unauthorized
Date: Fri, 06 Dec 2019 23:11:38 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
WWW-Authenticate: Negotiate
Strict-Transport-Security: max-age=2592000
Proxy-Support: Session-Based-Authentication
This is not supported by design unfortunately.
See post here:
https://github.com/dotnet/aspnetcore/issues/13124
I had a similar issue. Negotiate seems to default to NTLM when running on localhost, but Kerberos over a DNS name. Kerberos requires a SPN. I fixed it by adding the correct SPN using:
setspn -D HTTP/hostname serviceAccountName
The exact SPN will vary depending upon your setup.
I have code to check for the existence of a blob and its size that works fine in my development machine but when I publish to the production server it gives me the exception:
Blob type of the blob reference doesn't match blob type of the blob
Here is the code:
CloudStorageAccount v_StorageAccount = CloudStorageAccount.Parse(v_ConnectionString);
CloudBlobClient v_BlobClient = v_StorageAccount.CreateCloudBlobClient();
CloudBlobContainer v_Container = v_BlobClient.GetContainerReference(v_Containerstring);
CloudBlockBlob v_Blob = v_Container.GetBlockBlobReference(p_Name);
v_Blob.FetchAttributes();
I have tested around with fiddler and found out that when running in the server, the response header does not have any of the x-ms- tags, although the request headers are identical in both machines.
Request Header:
HEAD http://XXX/90f5a5f1-9f6f-46bc-bbf6-21d77b8955ed HTTP/1.1
User-Agent: Azure-Storage/8.2.0 (.NET CLR 4.0.30319.36399; Win32NT 6.2.9200.0)
x-ms-version: 2017-04-17
x-ms-client-request-id: XXX
x-ms-date: Thu, 11 Jan 2018 13:44:14 GMT
Authorization: SharedKey XXX:XXX
Host: XXX
Response in development machine:
HTTP/1.1 200 OK
Content-Length: 504014
Content-Type: application/octet-stream
Content-MD5: /i5aFVWYlPqZjHvU+gxcbw==
Last-Modified: Wed, 13 Dec 2017 20:22:02 GMT
Accept-Ranges: bytes
ETag: "0x8D542672BB913FD"
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 04155a59-001e-000d-58e5-8ab906000000
x-ms-version: 2017-04-17
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
x-ms-server-encrypted: false
Date: Thu, 11 Jan 2018 14:04:56 GMT
Response in production server:
HTTP/1.1 200 OK
Content-Length: 504014
Content-Type: application/octet-stream
Content-MD5: /i5aFVWYlPqZjHvU+gxcbw==
Last-Modified: Wed, 13 Dec 2017 20:22:02 GMT
Accept-Ranges: bytes
ETag: "0x8D542672BB913FD"
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Date: Thu, 11 Jan 2018 13:44:14 GMT
I don't know what I'm missing here, but, most important, how to make this code work on the production server?
Edited
To clarify some aspects:
Development machine: my notebook with windows 10 + visual studio 2017
Production server: virtual machine with windows server 2012 standard + sql server standard (no visual studio) + .net framework 4.5 enabled (project is 4.5)
The server is on-premises, local, on the same network as my machine
Using nuget package WindowsAzure.Storage 8.7
All calls are to the same storage account and same Blob object, no emulator involved
The exception occurs at call to v_Blob.FetchAttributes().
The same exception occurs also if I call v_Blob.Exists().
I'm sure the blob is a Block Blob, the two calls (one from my development machine and other from production server) are to the same account and same Blob object, with the exact same parameters (connection string, container string and blob name). In my development machine all works fine.
Stack trace from exception:
at Microsoft.WindowsAzure.Storage.Core.Executor.Executor.ExecuteSync[T](RESTCommand`1 cmd, IRetryPolicy policy, OperationContext operationContext) in c:\Program Files (x86)\Jenkins\workspace\release_dotnet_master\Lib\ClassLibraryCommon\Core\Executor\Executor.cs:line 604
at Microsoft.WindowsAzure.Storage.Blob.CloudBlob.FetchAttributes(AccessCondition accessCondition, BlobRequestOptions options, OperationContext operationContext) in c:\Program Files (x86)\Jenkins\workspace\release_dotnet_master\Lib\ClassLibraryCommon\Blob\CloudBlob.cs:line 1619
at AzureDataMigration.Class.ConfereDocsMigrados.createBlockBlob(String p_Name, Int64 p_IdCompany, Int64 p_IdDocumentConfigType, StorGlobalHistoricalDocsEntities p_Model)
at AzureDataMigration.Class.ConfereDocsMigrados.Confere()
I just published an AngularJS/WebAPI project using File system publish to a local IIS Application and I can open the website in my browser. Unfortunately, no resources such as images, css etc. can be loaded. When I try to reach any file located in a sub folder I still receive a HTTP 200 from the server, but the body is empty. I can remember I´ve had this issue a few years back but I can´t remember why this happens.
Request
GET http://localhost/Content/images/common/logotype.png HTTP/1.1
Host: XX.XXX.XX.XXX
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,sv;q=0.6
Response
HTTP/1.1 200 OK
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 25 Aug 2015 07:56:12 GMT
Content-Length: 0
As you can see, there is no body at all but the image exists in the folder and I can open it from the filesystem. I would guess that if this was a privilege issue the server would return 403 or a similar error, not 200 OK?
Facepalm
Turns out that Lex Li:s comment put me in the right direction. I had completely missed to include the "Static Content" feature was missing in IIS "Common HTTP Features".
When an image is requested to my ASP.NET application, my C# code responds with the binary data in addition to the following headers (as capture in Fiddler):
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: image/jpeg
Expires: Fri, 06 Sep 2013 21:43:21 GMT
Last-Modified: Wed, 04 Sep 2013 22:21:27 GMT
ETag: "0x8D0770B10F6F56D"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 06 Sep 2013 21:13:23 GMT
Content-Length: 39007
My expectation is that the browser will cache this image until at least 21:43 GMT (which is 30 minutes from now) but that's not what happens. When I press F5, my browser sends another request for the image to my ASP.NET application.
What is missing from my headers to ensure the file is properly cached?