search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.18k stars 4.72k forks source link

The type initializer for 'NetSecurityNative' throws meaningless exception rendering corrective action impossible. #109236

Open RightFootConsulting opened 2 hours ago

RightFootConsulting commented 2 hours ago

Description

Testing out a new .Net web service and using Swagger to initiate a Post to an endpoint yields the error below. The error contains no useful information to indicate what needs to be done to correct the issue and there seems to be no online resource with any hints that would help a developer to resolve the issue and become unblocked.

System.TypeInitializationException: The type initializer for 'NetSecurityNative' threw an exception.
 ---> System.TypeInitializationException: The type initializer for 'GssInitializer' threw an exception.
 ---> System.InvalidOperationException: Operation is not valid due to the current state of the object.
   at Interop.NetSecurityNative.GssInitializer..cctor()
   --- End of inner exception stack trace ---
   at Interop.NetSecurityNative..cctor()
   --- End of inner exception stack trace ---
   at Interop.NetSecurityNative.AcquireAcceptorCred(Status& minorStatus, SafeGssCredHandle& outputCredHandle)
   at Microsoft.Win32.SafeHandles.SafeGssCredHandle.CreateAcceptor()
   at System.Net.NegotiateAuthenticationPal.UnixNegotiateAuthenticationPal..ctor(NegotiateAuthenticationServerOptions serverOptions)
   at System.Net.NegotiateAuthenticationPal.Create(NegotiateAuthenticationServerOptions serverOptions)
   at System.Net.Security.NegotiateAuthentication..ctor(NegotiateAuthenticationServerOptions serverOptions)
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateState..ctor()
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateStateFactory.CreateInstance()
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

Reproduction Steps

Follow the steps in this tutorial

https://learn.microsoft.com/en-us/aspnet/core/tutorials/first-web-api?view=aspnetcore-8.0&tabs=visual-studio

up to the point where it says to do the following:

The Swagger page /swagger/index.html is displayed. Select GET > Try it out > Execute. The page displays:

The [Curl](https://curl.haxx.se/) command to test the WeatherForecast API.
The URL to test the WeatherForecast API.
The response code, body, and headers.
A drop-down list box with media types and the example value and schema.

Hit the execute button.

Expected behavior

One would expect the results that are documented in this Microsoft tutorial.

If there were an issue then the error message would be able to be mapped by Google to some sort of action plan for identifying what is needed to resolve the issue.

Actual behavior

You get a 500 internal server error, and a useless message that when you Google it, you end up with a closed issue that does not provide any insight into how to go about fixing such an issue.

System.TypeInitializationException: The type initializer for 'NetSecurityNative' threw an exception.
 ---> System.TypeInitializationException: The type initializer for 'GssInitializer' threw an exception.
 ---> System.InvalidOperationException: Operation is not valid due to the current state of the object.
   at Interop.NetSecurityNative.GssInitializer..cctor()
   --- End of inner exception stack trace ---
   at Interop.NetSecurityNative..cctor()
   --- End of inner exception stack trace ---
   at Interop.NetSecurityNative.AcquireAcceptorCred(Status& minorStatus, SafeGssCredHandle& outputCredHandle)
   at Microsoft.Win32.SafeHandles.SafeGssCredHandle.CreateAcceptor()
   at System.Net.NegotiateAuthenticationPal.UnixNegotiateAuthenticationPal..ctor(NegotiateAuthenticationServerOptions serverOptions)
   at System.Net.NegotiateAuthenticationPal.Create(NegotiateAuthenticationServerOptions serverOptions)
   at System.Net.Security.NegotiateAuthentication..ctor(NegotiateAuthenticationServerOptions serverOptions)
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateState..ctor()
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateStateFactory.CreateInstance()
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

HEADERS
=======
Accept: text/plain
Connection: keep-alive
Host: localhost:33581
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Edg/130.0.0.0
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Authorization: Negotiate YHkGBisGAQUFAqBvMG2gMDAuBgorBgEEAYI3AgIKBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHqI5BDdOVExNU1NQAAEAAACXsgjiCQAJAC4AAAAGAAYAKAAAAAoAXVgAAAAPVFJBREVSV09SS0dST1VQ
Referer: https://localhost:33581/swagger/index.html
sec-ch-ua-platform: "Windows"
sec-ch-ua: "Chromium";v="130", "Microsoft Edge";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty

Regression?

No response

Known Workarounds

Pick a different technology stack and don't use .Net

Configuration

No response

Other information

No response

dotnet-policy-service[bot] commented 2 hours ago

Tagging subscribers to this area: @dotnet/ncl, @bartonjs, @vcsjones See info in area-owners.md if you want to be subscribed.