NTLM failure - C# / C Sharp

John Lee

Hi,

I have a virtual directory configured as "integrated windows authentication"
and "anonymous acccess" is turned off. I can use IE to acccess that page but
when I try to access the page using

HttpWebRequest wr = (HttpWebRequest ) System.Net.WebR equest.Create(u rl);
wr.Credentials = CredentialCache .DefaultCredent ials;
HttpWebResponse resp = (System.Net.Htt pWebResponse)wr .GetResponse();

I got "System.Net.Web Exception: The remote server returned an error: (401)
Unauthorized." error, Any idea why?

Thanks very much!
John

Nov 17 '05 #1

Subscribe Reply

5145

Steven Cheng[MSFT]

Hi John,

Glad to see you again :-).

As for the 401 error you encountered when requesting page protected by
integrated windows authentication through
HttpWebRequest component, it is because the HttpWebRequest component won't
automatically provide the client side credential (from the current logon
user like what IE does). So we need to manually attach the credential if
the serverside dosn't allow anonymous accessing. For example, the following
code snippet just provide a credential (NTLM auth schema):

=============== ======
NetworkCredenti al myCred = new NetworkCredenti al(
"username","pas sword","domain or machine name");

CredentialCache myCache = new CredentialCache ();

myCache.Add(new Uri("www.contos o.com"), "NTLM", myCred);
WebRequest wr = WebRequest.Crea te("www.contoso .com");
wr.Credentials = myCache;
...............
=============== =======

Here is the MSDN reference on System.Net.Netw orkCredential class:

http://msdn.microsoft.com/library/en...netnetworkcred
entialclasstopi c.asp?frame=tru e

Hope helps. Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 17 '05 #2

John Lee

Thanks Steven!

But I need to use the current logon user's credential to access that page
and
the following code should work - but it does not work for me:

wr.Credentials = CredentialCache .DefaultCredent ials;

Another thing I noticed that might be related, I created a virtual directory
"test" with "windows integrated authentication" only on a 2003 server
"server1" with SP1 box.
step 1. open a new instance of IE, access http://server1/test it will popup
asking for username/password, type in password and it will work
2. IF i add http://server1 into local intranet zone, repeat step 1, no popup
to ask password

I tested the above scenario on several box and it's consistent. so my
another question is that when we use HttpWebRequest to access the virtual
directory by using logon user's network credential - how to configure the
accessed uri is in local intranet zone from code or it SHOULD grab that
setting done by IE?

Thanks!
John

"Steven Cheng[MSFT]" <v-******@online.m icrosoft.com> wrote in message
news:tZ******** ******@TK2MSFTN GXA01.phx.gbl.. .

Hi John,

Glad to see you again :-).

As for the 401 error you encountered when requesting page protected by
integrated windows authentication through
HttpWebRequest component, it is because the HttpWebRequest component won't
automatically provide the client side credential (from the current logon
user like what IE does). So we need to manually attach the credential if
the serverside dosn't allow anonymous accessing. For example, the
following
code snippet just provide a credential (NTLM auth schema):

=============== ======
NetworkCredenti al myCred = new NetworkCredenti al(
"username","pas sword","domain or machine name");

CredentialCache myCache = new CredentialCache ();

myCache.Add(new Uri("www.contos o.com"), "NTLM", myCred);
WebRequest wr = WebRequest.Crea te("www.contoso .com");
wr.Credentials = myCache;
..............
=============== =======

Here is the MSDN reference on System.Net.Netw orkCredential class:

http://msdn.microsoft.com/library/en...netnetworkcred
entialclasstopi c.asp?frame=tru e

Hope helps. Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 17 '05 #3

Steven Cheng[MSFT]

Thanks for your respones John,

As for the further question you mentioned, here are my understandings:

1. YES, IE will automatically send the current logon session's credential
when accessing trusted or intranet zone sites and
anonymous access is not allowed. We can also verfify this in the IE's
Tools---->Internet Options--->Security---->certain Zone ---> Custom Level
setting---> UserAuthenticat ion. Logon

2.When using HttpWebRequest, it has nothing related to IE setting. So we
will always need to manually provide the credential when accessing remote
resouce when require authentication. And yes, the
System.Net. CredentialCache .DefaultCredent ials contains the current logon
user's credential (in winform or console app), but if this credential is
not valid on the remote server, the request will also fail. Different from
IE( IE will popup authentication dialog to let us input username/password
when current user is not valid on remote server), using httpwebrequest ,
there is no such dialog.

So as for your scenario, I think the problem is your current logon user is
not a valid account on the remote server. Is your logon user account a
local account on the machine where you running the httpwebrequest app? If
so, this account is not valid to the remote server, you need to provide a
valid account on the remote server , this account can be either of :
1. A domain account

2. A duplicated local account which has same username/password on both
client and server machine.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 17 '05 #4

Similar topics

2407

NTLM Authentication with multi-tiered application

by: Andy Fish | last post by:

Hi, I have an asp.net application in several tiers and I would like to enable it for NTLM. Say the web front end is running on server X and the business logic is running on server Y. In the non-NTLM case, the user types his password into the web front end and server X passes it to Y in order to authenticate him. In the NTLM case, the user is already authenticated to X but since X does

ASP.NET

7596

NTLM authentication

by: webrod | last post by:

Dear All, let's say I have a web service. I would like to authenticate users who try to access it. I am on a winnt server so I will have to use NTLM but I don't want to use IIS settings. Is there a way to authenticate a user using WSE 3.0 against NTLM?? All the samples I have found on the web provide a solution based on

C# / C Sharp

2721

NTLM APS python version 0.98

by: pycraze | last post by:

Hi , I am working on NTLM (Windows NT Lan Manager )APS (Authentication Proxy Server ) , to port to C language . I am using ethereal to monitor the packets sent between client and server . NTLM is a MS proprietary protocol designed so that will allow authentication only from MS browsers . This proprietary was cracked and code was written in python by

Python

8179

HttpWebRequest over Https Via Proxy Fails using NTLM

by: =?Utf-8?B?TGVuc3Rlcg==?= | last post by:

A C# (.NET 2) application which uses the System.Net.HttpWebRequest object to request a resource over HTTPS is failing following the installation of a new proxy server on our internal network with 407 Proxy Authentication Required. The same request through the old proxy succeeds. The same request to an HTTP address through the new proxy succeeds. Also, the request succeeds when forced to use Basic authentication but fails on NTLM.

ASP.NET

9482

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

10062

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

9878

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...

Windows Server

7282

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

6551

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5167

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

5322

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

3392

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

2694

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General