I have published an aspnet core 2.x application to a windows server 2016 running IIS 10. The application was published using Visual Studio 2017, and the application was just a basic AspNet Core template configured to use Windows Authentication.
The IIS Server is configured to use Integrated Authentication, ( Windows Authentication=enabled, Anonymous Authentication=Disabled)
When I try to access the web application in this configuration from a remote browser I get the following error page
This site can’t be reached
The webpage at http://devportal/CoreTest might be temporarily down or it may have moved permanently to a new web address.
<div class="error-code" jscontent="errorCode" jstcache="7">ERR_UNEXPECTED</div>When I browse to the site from IIS Manager, the browser prompts for credentials ( 3 times if provided ) and then displays a 401.1-Unauthorized page. If I enable Anonymous Authentication, the web application page is displayed but the domain identity is empty ( not a surprise since there are no auth headers in the request forwarded to the Kestral server )
I used wireshark to collect the HTTP traffic to the server, and the initial request comes in with no auth header, and sends a response 401
Hypertext Transfer Protocol
GET /CoreTest HTTP/1.1\r\n
[Expert Info (Chat/Sequence): GET /CoreTest HTTP/1.1\r\n]
[GET /CoreTest HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: /CoreTest
Request Version: HTTP/1.1
Host: devportal\r\n
Connection: keep-alive\r\n
Cache-Control: max-age=0\r\n
Upgrade-Insecure-Requests: 1\r\n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\n
Accept-Encoding: gzip, deflate\r\n
Accept-Language: en-US,en;q=0.9\r\n
Cookie: .AspNet.Consent=yes\r\n
Cookie pair: .AspNet.Consent=yes
\r\n
[Full request URI: http://devportal/CoreTest]
[HTTP request 1/1]
Hypertext Transfer Protocol
HTTP/1.1 401 Unauthorized\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 401 Unauthorized\r\n]
[HTTP/1.1 401 Unauthorized\r\n]
[Severity level: Chat]
[Group: Sequence]
Response Version: HTTP/1.1
Status Code: 401
[Status Code Description: Unauthorized]
Response Phrase: Unauthorized
Content-Type: text/html\r\n
Server: Microsoft-IIS/10.0\r\n
WWW-Authenticate: Negotiate\r\n
WWW-Authenticate: NTLM\r\n
X-Powered-By: ASP.NET\r\n
Date: Thu, 04 Oct 2018 18:44:01 GMT\r\n
Content-Length: 1293\r\n
[Content length: 1293]
\r\n
[HTTP response 1/1]
[Time since request: 0.000842000 seconds]
[Request in frame: 46]
File Data: 1293 bytes
Line-based text data: text/html (29 lines)
Does anybody have any idea how to trouble-shoot this issue? It does not appear that the negotiation is happening.
Thanks