SignalR 1.0 RC2 aspnet C# client sample. What needs to be done to have that client connect using Windows-authetication to a (IIS 6) hub server that has anonymous login disabled. Is there any sample out there? This is an intranet app which relies on AD user ids. The client will be implemented as a service eventually. Browser based clients work without problems. Any help or clue would be appreciated!
Try setting
connection.Credentials = CredentialCache.DefaultCredentials;
Related
For the past couple of years we've been developing a client/server application and it's been working well with us hosting the server and applications. I've recently started work on getting our mobile app to connect and have run into a snag.
The mobile app can login and obtain a token but when it presents that token for an API call Owin is failing to create a valid Principal.
The same API call from our desktop app (running on the same physical machine as the server) has an HttpRequestMessage "MS_OwinContext" property with the Authentication.User field populated. The same call from the mobile does not.
Yet both of them seem to be sending the same API request (different bearer token of course). Alternative can anyone tell me where I might at least start looking or how I could get information from OWIN as to what it's doing? It's also worth pointing out that the mobile app (Xamarin) shares most of its code with the desktop application.
Right now I'm staring at a black box and all I know is that 'it doesn't work'.
Okay the problem was that the server was setting Authority in the bearer options to be localhost. Audience is derived from this so when connecting using the host name validation fails.
The answer appears to therefore not use localhost as part of the authority.
I'm using the IdentityServer3 Version (2.5.4) for the current project, everything works fine on my local machine (with IIS and IIS Express).
The customer has a Windows7 Embedded machine (without SP1!) with .NET 4.5 installed, we created a selfsigned SSL cert (with the current hostname, NOT localhost), but its not working. I'm always getting the error "Unable to get document from: https://xyz/.well-known/openid-configuration"
what is wrong with the configuration?
I found the Solution, it has nothing to do with the Configuration. The Installation of the Windows 7 SP1 has fixed it.
In a couple of cases where we had this issue, it is mostly to do with network connectivity.
Few things which helped us figure out the root cause -
Access the "https://xyz/.well-known/openid-configuration" route from a browser on the server.
If you are not able to access the url then it means that the server is unable to connect to the Idserver installation. This is a network level issue.
If you are able to access the url from the server where the relying application is hosted, but the relying application is throwing an error -> it means that, a proxy is configured on the server. The browser automatically uses the proxy, where as you have to set the proxy in the relying party application as below in the startup.cs
var request = WebRequest.Create(uri);
var myProxy = new WebProxy {Address = new Uri("proxy uri")};
request.Proxy = myProxy;
var response = request.GetResponse();
This will ensure that all the http requests originating from the code will also use the same proxy.
If the above doesnt help, Check if the IIS where Idserver is installed, allows TLS 1.0 and 1.1. THis is disabled on some servers for security purposes. If that is the case, use the below code to make ur application use tls 1.2 and the call will succeed
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
IIS Media Services 4.1:
I have a dedicated website setup on my win 7 dev box. I'm testing the REST service with Windows Auth turned on from both calls from a browser as well as a test C# winform app. Using the browser I try to hit http://iismediatestsite/services/smoothstreaming/publishingpoints.isml I get challeneged (good) but when I put in my domain creds I get into a loop where it keeps prompting for creds. My domain account is an admin on this box. If I use my test app I set UseDefaultCredentials to true but I get a 401 returned.
Using Basic Auth works fine with both clients.
Any ideas?
TIA
Okay apparently this is caused by an issue when authenticating by NTLM via a loopback address. It is better explained and a workaround provided here:
http://support.microsoft.com/kb/896861
I have the following setup with my GWT Client - Server application:
GWT Client -(RPC)- Server - MSSQL db.
The client is running on various platforms & devices (web application, mobile phones etc..). The java server (and web application files) are hosted on Jetty. MSSQL Database is running on a different server on a different domain.
I need to find a way for the user to authenticate on the domain of the MSSQL DB after which I can allow the client to access to rest of the servers services.
I can pass the username & password pair encrypted to the server but how do I continue from there on? I spent a lot of time figuring that out today, but I just got more and more confused. I did manage to check local authentication with Kerberos on the server, but I need to authenticate remotely to a different domain. Is it even possible without setting up service for that on the remote domain, which I'm trying to avoid?
I have some code in .NET V2.0 that is talking to an asmx service
As a related issue I also have some code in the same winforms app that is doig BITS uploads
We are a very small shop and quite frankly do not have any sort of proxy server setup
But of course our clients will
I want to test with a proxy server sitting between my home FIOS connection and the internets and I want to test when auth information is required against the proxy server
Clearly the number of configurations in the wild are way many but any suggestions welcome
1) Any public proxy servers where I can create credential based accounts and test?
2) any catch all .NET solution like asking for creds setting them somehow on BITS uploads and asmx services and then just assuming they work 90% of the time
Thanks
You could run a proxy server on your own computer, then 'connect to yourself' as the proxy.