似乎 HTTP/2 无法使用 asp.net 中 Http.Sys 提供的身份验证
Seems like HTTP/2 not working with authentication provided by Http.Sys in asp.net
假设我在同一个域上有两个服务:
https://example.com:5001 and https://example.com:5002
https://example.com:5001 有 http.sys 这样的设置
.UseHttpSys(options =>
{
options.Authentication.Schemes =
AuthenticationSchemes.NTLM |
AuthenticationSchemes.Negotiate;
options.Authentication.AllowAnonymous = false;
options.UrlPrefixes.Add("https://example.com:5001");
});
而https://example.com:5002有这个选项:
.UseHttpSys(options =>
{
options.AllowSynchronousIO = false;
options.EnableResponseCaching = false;
options.UrlPrefixes.Add("https://example.com:5002");
})
当我向第一个服务发送请求时,我遇到了不同的问题:
- 通过 HttpClient -> WinHttpHandler:
var handler = new WinHttpHandler()
{
SslProtocols = SslProtocols.Tls12,
ServerCredentials = CredentialCache.DefaultCredentials
};
var httpClient = new HttpClient(handler)
{
DefaultRequestVersion = HttpVersion.Version20,
};
var response = httpClient.GetAsync("https://example.com:5001").Result;
响应有 StatusCode 200,但协议版本降级到 1.1
- 通过 HttpClient -> HttpClientHandler:
var handler = new HttpClientHandler()
{
SslProtocols = SslProtocols.Tls12,
Credentials = CredentialCache.DefaultCredentials
};
var httpClient = new HttpClient(handler)
{
DefaultRequestVersion = HttpVersion.Version20,
};
var response = httpClient.GetAsync("https://example.com:5001").Result;
响应有 StatusCode 401、未授权和协议版本 2.0
- 通过 HttpWebRequest:
var webRequest = (HttpWebRequest)WebRequest.Create("https://example.com:5001");
webRequest.Credentials = CredentialCache.DefaultCredentials;
webRequest.Method = WebRequestMethods.Http.Get;
webRequest.ProtocolVersion = HttpVersion.Version20;
抛出异常:目前仅支持 HTTP/1.0 和 HTTP/1.1 版本请求。 (参数'value')
对 https://example.com:5002 的所有相同请求都有状态代码 200 和协议版本 HTTP/2
我想 http.sys 中 HTTP/2 的身份验证无法正常工作,或者我做错了什么。
知道这如何正确工作吗?提前致谢!
我发现 http/2 不支持 Windows 身份验证。此处有更多详细信息:https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10/http2-on-iis#when-is-http2-not-supported
假设我在同一个域上有两个服务: https://example.com:5001 and https://example.com:5002
https://example.com:5001 有 http.sys 这样的设置
.UseHttpSys(options =>
{
options.Authentication.Schemes =
AuthenticationSchemes.NTLM |
AuthenticationSchemes.Negotiate;
options.Authentication.AllowAnonymous = false;
options.UrlPrefixes.Add("https://example.com:5001");
});
而https://example.com:5002有这个选项:
.UseHttpSys(options =>
{
options.AllowSynchronousIO = false;
options.EnableResponseCaching = false;
options.UrlPrefixes.Add("https://example.com:5002");
})
当我向第一个服务发送请求时,我遇到了不同的问题:
- 通过 HttpClient -> WinHttpHandler:
var handler = new WinHttpHandler()
{
SslProtocols = SslProtocols.Tls12,
ServerCredentials = CredentialCache.DefaultCredentials
};
var httpClient = new HttpClient(handler)
{
DefaultRequestVersion = HttpVersion.Version20,
};
var response = httpClient.GetAsync("https://example.com:5001").Result;
响应有 StatusCode 200,但协议版本降级到 1.1
- 通过 HttpClient -> HttpClientHandler:
var handler = new HttpClientHandler()
{
SslProtocols = SslProtocols.Tls12,
Credentials = CredentialCache.DefaultCredentials
};
var httpClient = new HttpClient(handler)
{
DefaultRequestVersion = HttpVersion.Version20,
};
var response = httpClient.GetAsync("https://example.com:5001").Result;
响应有 StatusCode 401、未授权和协议版本 2.0
- 通过 HttpWebRequest:
var webRequest = (HttpWebRequest)WebRequest.Create("https://example.com:5001");
webRequest.Credentials = CredentialCache.DefaultCredentials;
webRequest.Method = WebRequestMethods.Http.Get;
webRequest.ProtocolVersion = HttpVersion.Version20;
抛出异常:目前仅支持 HTTP/1.0 和 HTTP/1.1 版本请求。 (参数'value')
对 https://example.com:5002 的所有相同请求都有状态代码 200 和协议版本 HTTP/2
我想 http.sys 中 HTTP/2 的身份验证无法正常工作,或者我做错了什么。
知道这如何正确工作吗?提前致谢!
我发现 http/2 不支持 Windows 身份验证。此处有更多详细信息:https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10/http2-on-iis#when-is-http2-not-supported