2

I've created a self hosted service using the Microsoft OWIN 3.0.1, and Web API 5.2.3 NuGet packages. It is also using the Microsoft.AspNet.WebApi Cors.5.2.3 and Microsoft.Owin.Cors 3.0.1 packages for CORS support. The CORS setup is configured as follows:

private static void ConfigureCrossOriginResourceSharing(IAppBuilder app, HttpConfiguration config)
{
    app.UseCors(CorsOptions.AllowAll);

    var cors = new EnableCorsAttribute("*", "*", "*");
    config.EnableCors(cors);
}

The hosting is started as follows:

var startOptions = new StartOptions(url: "http://*:64000/");

Task.Run(() =>
{
    // Start OWIN host 
    using (WebApp.Start(startOptions, startUp.Configuration))
    {
        //etc.

When connecting to the service I can only use an IP address to call it (e.g. http://192.168.0.1:64000/). When using the DNS name (i.e. http://hostname:64000/) an HTTP 502 Bad Gateway error is returned. This isn't ideal.

I assume this has something to do with the CORS configuration. Any ideas what could be wrong?

UPDATE: At the suggestion below I've changed the start url to http://+:64000/. I am now getting a 400 Bad Request response from the client. I can ping the server which resolves to a fully qualified name ( e.g. hostname.domain.corp domain suffix) which I've also tried but get the same result.

Plymouth223
  • 1,905
  • 1
  • 12
  • 22
  • I do not think it has to do with CORS. The server is actually returning a 502. CORS simply allows the browser to receive responses from cross origin servers. – kmc059000 Aug 23 '15 at 21:33
  • What happens if you replace `http://*:64000/` with `http://+:64000/`? See http://stackoverflow.com/questions/4598164/whats-the-difference-between-http-80-and-http-80 – khellang Aug 23 '15 at 22:00
  • Are you able to ping hostname from the location you are calling web service? Enter a host file entry at source pc and see if that works. If it work then there must be some networking issue. – Deepak Bhatia Aug 24 '15 at 01:55
  • @khellang Thanks. That indeed seems to (slightly) improve things. Now getting a 400 Bad Request though. – Plymouth223 Aug 24 '15 at 02:10
  • @kmc059000 Indeed, you're likely correct and it's something (else) to do with the request being incorrect from the server's POV. – Plymouth223 Aug 24 '15 at 02:19
  • @DeepakBhatia Yes, I can ping the server (see update). – Plymouth223 Aug 24 '15 at 02:20
  • Have you tried with doing host file entry? – Deepak Bhatia Aug 24 '15 at 02:44
  • @DeepakBhatia Yes, adding an entry to the hosts file doesn't change the behaviour. – Plymouth223 Aug 24 '15 at 21:58

2 Answers2

2

If you want to use Kerberos for authentication, you'll need to register an SPN with AD for the hostname / port combination you are using for your application.

Michael1024
  • 33
  • 5
1

This turned out to be related to the authentication setup for the self hosted site. For some reason on our network (possibly 2003 AD vs 2012 servers doing the hosting, I'm unsure) the Kereberos authentication was failing. When using IP addresses the authentication fell back to using NTLM which succeeded. Setting the authentication to only use NTLM allows both host names and IP addresses to be used.

Before (failed, IP only as it fell back to NTLM):

listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;

After (success for both host and IP):

listener.AuthenticationSchemes = AuthenticationSchemes.Ntlm;
Plymouth223
  • 1,905
  • 1
  • 12
  • 22