runtime: Http Negotiate authentication fails on Unix

@ManuelAVR reported an issue where .NET Core fails to authenticate against his proxy server.

The proxy server is sending:

< Proxy-Authenticate: Negotiate
< Proxy-Authenticate: NTLM

.NET Core doesn’t reply to the proxy server to authenticate. It returns the 407 as the response result.

Trying to authenticate with curl using --proxy-negotiate fails with: gss_init_sec_context() failed: SPNEGO cannot find mechanisms to negotiate. Using --proxy-ntlm works.

There is no Kerberos ticket. Proxy server and credentials are provided using http_proxy and https_proxy envvars.

Perhaps .NET Core gets the same error from gss_init_sec_context and then stops. Maybe at that point it should try NTLM auth instead?

It doesn’t work either when using the curl httphandler. Probably curl also has this issue: https://github.com/curl/curl/issues/876.

CC @wfurt

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Comments: 23 (22 by maintainers)

Most upvoted comments

Hello and sorry for my late response. We managed with the work arround, we have another proxy server with white lists and this is now working well (without auth).

+1
ManuelAVR on Jul 12, 2018
Read more comments on GitHub
← runtime: How to debug StackOverflowException
runtime: http request in docker container fails with curl error →