I'm calling out to a SOAP service which uses Windows authentication. This is my configuration:
new BasicHttpBinding
{
Security = new BasicHttpSecurity
{
Mode = BasicHttpSecurityMode.TransportCredentialOnly,
Transport = new HttpTransportSecurity
{
ClientCredentialType = HttpClientCredentialType.Windows
}
},
};
And I'm setting up the credentials manually here, as the user is on a different domain:
client.ClientCredentials.Windows.ClientCredential.Domain = "...";
client.ClientCredentials.Windows.ClientCredential.UserName = "...";
client.ClientCredentials.Windows.ClientCredential.Password = "...";
I've noticed that every call I do through the client proxy is resulting in three trips:
Request: POST /EndPoint (no auth)
Response: 401 Unauthorized, WWW-Authenticate: Negotiate
Request: POST /EndPoint, Authorization: Negotiate
Response: 401 Unauthorized, WWW-Authenticate: Negotiate <gunk>
Request: Post /EndPoint, Authorization: Negotiate <gunk>
Response: 200 OK
If this only happened on the first call it wouldn't be so terrible, but it happens on all subsequent calls to the same client proxy instance.
The server I'm calling out to isn't under my control and has a not insignificant amount of latency, so I'd love to find a way to remove these redundant trips. Is it possible?
I've just created dummy client with WCF service using your binding settings and manual un+pwd authentication. WCF service is set up to accept Windows Authentication.
However, in my case all subsequent calls are automatically authenticated.
Response 1:
Response 2:
Response 3:
In the response header, I have
Persistent-Auth: true. Is this the same for you? If no - there are settings in IIS which can force a client to authenticate after each request - See this MSDN post.Basically, I guess you have to have on the server:
then it works.