为什么我不能使HttpWebRequest与NTLM身份验证一起使用 [英] Why I can't make HttpWebRequest working with NTLM authentication
问题描述
我正试图像下面的代码片段那样从MonoTouch调用EWS:
I'm trying to call EWS from MonoTouch like in this snippet:
byte[] bytes = Encoding.UTF8.GetBytes("... some xml here ...");
HttpWebRequest req = WebRequest.Create("https://owa.site.com/ews/exchange.asmx") as HttpWebRequest;
req.Method = "POST";
req.KeepAlive = true;
req.ContentType = "text/xml";
req.ContentLength = bytes.Length;
req.AuthenticationLevel = AuthenticationLevel.MutualAuthRequested;
CredentialCache ch = new CredentialCache();
ch.Add(req.RequestUri, "Negotiate", new NetworkCredential("uname", "pwd", "domain"));
req.Credentials = ch;
Stream sreq = req.GetRequestStream();
sreq.Write(bytes, 0, bytes.Length);
sreq.Close();
WebResponse resp = req.GetResponse();
最后一行抛出一个异常:401:未授权.
There is an exception thrown at last line: 401: Not Authorized.
HttpWebRequest是否应该透明地处理谈判,即处理挑战并生成第二个和第三个请求?
Isn't HttpWebRequest supposed to handle negotiations transparently, i.e. to process challenge and generate the second and third request?
P.S. http和https
P.S. The results are the same with both http and https
P.P.S.使用EWS托管API,我已经从模拟器成功进行了EWS调用(但不幸的是,它并未针对实际设备构建).在Exchange服务器上使用网络嗅探器证明,在一个托管呼叫中有三个HTTP请求,而在上面的代码中只有一个.
P.P.S. Using EWS managed API, I've made successful EWS calls from the simulator (but unfortunately, it doesn't build for the actual device). Using network sniffer at the Exchange server proved that there are three HTTP requests in one single managed call and only one from the code above.
推荐答案
Mono和扩展MonoTouch支持原始的 NTLM ,请参见:
The original NTLM is supported by Mono and by extension MonoTouch, see: MonoTouch support for accessing Mono.Security.Protocol.Ntlm.NtlmFlags
但是较新的 协商 允许在kerberos中进行身份验证(不支持MonoTouch)不支持纯环境.
However the newer Negotiate which allows authentication in a kerberos-only environment is not supported by Mono (nor MonoTouch).
尝试将"Negotiate"更改为"NTLM",如果网络允许,它应该使用较旧的协议来工作.
Try changing your "Negotiate" for "NTLM" and it should, if the network allows it, work using the older protocol.
这篇关于为什么我不能使HttpWebRequest与NTLM身份验证一起使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
