microsoft / dotnet

This repo is the official home of .NET on GitHub. It's a great starting point to find many .NET OSS projects from Microsoft and the community, including many that are part of the .NET Foundation.
https://devblogs.microsoft.com/dotnet/
MIT License

HttpClientHandler PreAuthenticate behavior should use BaseURL, if supplied in CredentialCache. #1317

Open gmorris007 opened 3 years ago

gmorris007 commented 3 years ago

The documentation for HttpClientHandler.PreAuthenticate property says that it uses the first URI it authenticates against. In my scenario I am polling an embedded system and do not start with the BaseURL. I supply the BaseURL in CredentialCache as follows:

    // Register the Basic credential under the base URL prefix.
    CredentialCache myCache = new CredentialCache()
    {
        { BaseURL, "Basic", new NetworkCredential(username, password) }
    };
    // Ask the handler to send the Authorization header preemptively.
    HttpClientHandler httpHandler = new HttpClientHandler
    {
        Credentials = myCache,
        PreAuthenticate = true,
    };
    HttpClient httpClient = new HttpClient(httpHandler)
    {
        BaseAddress = BaseURL,
        Timeout = TimeSpan.FromMilliseconds(WebTimeoutOverride(msTimeout)),
    };

The BaseURL could be http://10.130.130.10/obix/config/

The first request could be made to http://10.130.130.10/obix/config/Drivers/JciN2Network/HVAC1/points/nciClgLOStpt/out

As a result, I get 401 authentication errors for EVERY request, even though I've given the BaseURL and have set PreAuthenticate=true. In Wireshark captures I can see that the Authorization header is NOT included in each subsequent request, which necessitates a 401 response/re-request again every time.

In my opinion, the underlying logic should look at the BaseURL supplied in CredentialCache (if supplied) to determine if the Authorization header should be sent, not the URI in the initial request.

This testing is in .NET Framework 4.8, but we are switching over to .NET Core. If this could be addressed in all .NET platforms, that would be awesome.
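
An added example, not part of the original issue and not .NET's own code: a client-side handler that sends the Basic `Authorization` header on the first request, but only for URIs that fall under a prefix registered in the `CredentialCache`. The class name `PrefixBasicAuthHandler` is hypothetical; `myCache`, `BaseURL`, `username` and `password` are the names used in the post.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical handler (the name is an assumption, not a .NET type).
// It scopes preemptive Basic auth to the prefixes held in a CredentialCache.
public sealed class PrefixBasicAuthHandler : DelegatingHandler
{
    private readonly CredentialCache _cache;

    public PrefixBasicAuthHandler(CredentialCache cache, HttpMessageHandler inner)
        : base(inner)
    {
        _cache = cache ?? throw new ArgumentNullException(nameof(cache));
    }

    protected override Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        Uri uri = request.RequestUri;
        // GetCredential returns the cached entry whose URI prefix matches the
        // request URI for the "Basic" scheme, or null when nothing matches.
        NetworkCredential cred = (uri != null && uri.IsAbsoluteUri)
            ? _cache.GetCredential(uri, "Basic")
            : null;

        // Attach the header only for in-scope URIs, so the password is never
        // sent to a host or path outside the registered prefix.
        if (cred != null && request.Headers.Authorization == null)
        {
            byte[] raw = Encoding.UTF8.GetBytes(cred.UserName + ":" + cred.Password);
            request.Headers.Authorization =
                new AuthenticationHeaderValue("Basic", Convert.ToBase64String(raw));
        }
        return base.SendAsync(request, cancellationToken);
    }
}

// Usage with the cache from the post (myCache and BaseURL as defined there):
//   var client = new HttpClient(
//       new PrefixBasicAuthHandler(myCache, new HttpClientHandler()))
//   { BaseAddress = BaseURL };
```

Basic credentials are only base64-encoded, so over plain `http://` they are readable on the wire in every request that carries the header.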