Kestrel drops "400 bad request" when using app.UseAuthentication() behind IIS reverse proxy

- I've configured IIS to reverse proxy to my app.
- This code doesn't work flawlessly with Chrome.
- Everything works fine with Firefox

using System.Text.Json.Serialization;
using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.Authorization;
using System.DirectoryServices.AccountManagement;

var builder = WebApplication.CreateBuilder(args);

builder.Services.ConfigureHttpJsonOptions(options =>
{
    options.SerializerOptions.TypeInfoResolver = AppJsonContext.Default;
});
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
       .AddNegotiate();


var app = builder.Build();
app.UseAuthentication();
app.MapGet("/hello", () => new Message("Hello, world!"));
app.Run("http://localhost:5000");

public record Message(string Text);
[JsonSerializable(typeof(Message))]
internal partial class AppJsonContext : JsonSerializerContext
{
}

using System.Text.Json.Serialization;
using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.Authorization;
using System.DirectoryServices.AccountManagement;

var builder = WebApplication.CreateBuilder(args);

builder.Services.ConfigureHttpJsonOptions(options =>
{
    options.SerializerOptions.TypeInfoResolver = AppJsonContext.Default;
});
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
       .AddNegotiate();


var app = builder.Build();
app.UseAuthentication();
app.MapGet("/hello", () => new Message("Hello, world!"));
app.Run("http://localhost:5000");

public record Message(string Text);
[JsonSerializable(typeof(Message))]
internal partial class AppJsonContext : JsonSerializerContext
{
}

Expected :
- launch Chrome
- http://localhost:80/hello
- ask for credentials
- if credentials are correct, then

{"text":"Hello, world!"}

{"text":"Hello, world!"}

should appears

Actual result :
- launch Chrome
- http://localhost:80/hello
- ask for credentials
- Kestrel drops "400 bad request" (returned by IIS)
- If I press "F5",

{"text":"Hello, world!"}

{"text":"Hello, world!"}

appears

Kestrel drops "400 bad request" when using app.UseAuthentication() behind IIS reverse proxy

- I've configured IIS to reverse proxy to my app.
- This code doesn't work flawlessly with Chrome.
- Everything works fine with Firefox

using System.Text.Json.Serialization;
using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.Authorization;
using System.DirectoryServices.AccountManagement;

var builder = WebApplication.CreateBuilder(args);

builder.Services.ConfigureHttpJsonOptions(options =>
{
    options.SerializerOptions.TypeInfoResolver = AppJsonContext.Default;
});
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
       .AddNegotiate();


var app = builder.Build();
app.UseAuthentication();
app.MapGet("/hello", () => new Message("Hello, world!"));
app.Run("http://localhost:5000");

public record Message(string Text);
[JsonSerializable(typeof(Message))]
internal partial class AppJsonContext : JsonSerializerContext
{
}

using System.Text.Json.Serialization;
using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.Authorization;
using System.DirectoryServices.AccountManagement;

var builder = WebApplication.CreateBuilder(args);

builder.Services.ConfigureHttpJsonOptions(options =>
{
    options.SerializerOptions.TypeInfoResolver = AppJsonContext.Default;
});
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
       .AddNegotiate();


var app = builder.Build();
app.UseAuthentication();
app.MapGet("/hello", () => new Message("Hello, world!"));
app.Run("http://localhost:5000");

public record Message(string Text);
[JsonSerializable(typeof(Message))]
internal partial class AppJsonContext : JsonSerializerContext
{
}

Expected :
- launch Chrome
- http://localhost:80/hello
- ask for credentials
- if credentials are correct, then

{"text":"Hello, world!"}

{"text":"Hello, world!"}

should appears

Actual result :
- launch Chrome
- http://localhost:80/hello
- ask for credentials
- Kestrel drops "400 bad request" (returned by IIS)
- If I press "F5",

{"text":"Hello, world!"}

{"text":"Hello, world!"}

appears

Kestrel drops "400 bad request" when using app.UseAuthentication() behind IIS reverse proxy

Similar Threads

Kestrel drops "400 bad request" when using app.UseAuthentication() behind IIS reverse proxy

Similar Threads

Similar Threads

Similar Threads