0

I have an MVC4 application that is using Windows authentication. This application scrapes a variety of internet sites. This application is hosted in our intranet and needs to go through our corporate proxy to access the internet. Through some debugging I can see that I'm fully authenticated by user id and that I'm impersonating. My problem is that I keep receiving error The remote server returned an error: (407) Proxy Authentication Required.. I can verify that my code works because it works as expected if I hard code my credentials for the proxy.

var windowsIdentity = (WindowsIdentity) HttpContext.Current.User.Identity;
using (windowsIdentity.Impersonate())
{
    var webClient = new WebClient
        {
            Proxy = new WebProxy(PROXY)
                {
                    Credentials = CredentialCache.DefaultNetworkCredentials
                }
        };
    var str = webClient.DownloadString("http://google.com");
}

Using CredentialCache.DefaultCredentials also does not work. Why can't I impersonate myself (or whoever is accessing the site) and use that user to authenticate against the proxy?

onetwothree
  • 672
  • 1
  • 10
  • 20
  • Windows authentication was designed to work on local intranets. There is an implicit dependency that the packets sent are received in the same manner. A proxy can rearrange how the packets are received and invalidate your request. If you are using any sort of Identity server the request will be rejected because of the proxy injecting into the header a different requesting party/ – rlcrews Feb 24 '15 at 17:01
  • Assuming the proxy uses Windows authentication, you probably need to enable delegation. This gives the server special privileges so that it can impersonate users over the network. You may also need to configure IIS and/or the proxy server to allow this, I'm not familiar with the details. It would almost certainly be easier for the proxy server to be configured to allow your server unauthenticated access. – Harry Johnston Feb 24 '15 at 23:24

1 Answers1

1

The proxy settings of the server are probably ignored. Try reading this.

Community
  • 1
  • 1
Bonga Mbombi
  • 175
  • 1
  • 11