Windows Authentication - Postman (HttpContext Name is Null)
My question is similar to Postman Windows Authentication (NTLM) not working but there are no answers to it so far.
I have used a .NetCore rest api (netcoreapp3.1).
In launchsettings.json
{ "iisSettings": { "windowsAuthentication": true, "anonymousAuthentication": false, .. }Startup.cs
public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(IISDefaults.AuthenticationScheme); } public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { //... app.UseHttpsRedirection(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); //....useEndpoints middleware is being called afterwards }EmployeeController.cs
[Route("IISDetails")] [HttpGet] public IActionResult IISDetails() { var name = User.Identity.Name; return new ContentResult() { Content = $@"IIS authorized. AD: {name}" }; }
I have not used [Authorize] tag so that atleast i can see if this works but Name is always null.
Postman I am setting username in Authorization tab. Image attached for reference.
If I put Authorize attribute to my IISDetails function it gives me
System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
So I added [Authorization] tag and changed Startup.cs from
services.AddAuthentication(IISDefaults.AuthenticationScheme);
to
services.AddAuthentication(Microsoft.AspNetCore.Authentication.Negotiate.NegotiateDefaults.AuthenticationScheme).AddNegotiate();
Tried it in the browser and it worked!!
P.S: Still not working with Postman NTLM Authentication (Beta)
- On IISDefaults.AuthenticationScheme, its giving me
System.InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action configureOptions). at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties) at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Still any guidance on why the other things are not working is appreciated :)
- How do I get currency exchange rates via an API such as Google Finance?
- Flask api on gcloud's URL keeps on loading
- Why is DELETE method not allowed in simple API controller
- See what API calls of a website is making
- Combining JSON and Regex in R
- I'm trying to call a svelte route through a url in the browser. It give me a 404
- Explanation on how this doesn't work? ( Flask-restful API)
- MERN Stack User create Post Mongoose MongoError : 11000
- Execute Stored Procedure Minimal API .Net
- list of Azure APIs Script
- how to use a SHA256 hash in Hex format in laravel
- Trouble in deserializing JSON data from CoinGecko API
- API JSON response: get key value
- Mongodb $loopkup: Lookup only those documents which satisfy a condition
- Getting undefined when fetching data from server, error illegal invocation
- Confluence through Python. Upload files
- UnityWebRequest.Put doesn't send JSON string
- pull data from s3 bucket in json format via api call
- Events added to Google Calendar using the API always
- How to get historical data for currency exchange rates via Yahoo Finance?
- Api calling error while parsing the data to model class in dio flutter
- How to fix Type definition error in Spring Boot application?
- How to search instagram comments containing particular keyword
- Sending Impersonate token in GET HTTP request
- text/html format in codeigniter rest_controller response
- How to Implement Delayed Retry Pattern on Taipy Core Task
- Python DeepL API glossary not working for translation
- Calling a third party graphql api
- How to push all ids to an array except first id?
- How to detect the client which call the sever is not an official version of the game?