I know this question was asked time and again, here and here. The answers given are pretty much the same, but in my case I still miss something and I cannot figure out exactly what it is. I have a RESTful Web API deployed and that is configured to accept only domain-authenticated calls. So on my client side, in my UWP application, I used the HttpClient class from the Windows.Web.Http namespace. The resources found online all show that I need to do two things:
- Enable Enterprise Authentication in the package manifest of my UWP app. I did that. Here is a screen shot of the capabilities selected for my app:
Set the "AllowUI" flag to be false, so that the user is not prompted to enter its credentials. I did that too. Here is a code snippet of what I am doing:
Uri uri = new Uri(_myUriRoute);
var filter = new HttpBaseProtocolFilter { AllowUI = false }; var httpClient = new HttpClient(filter);
HttpResponseMessage response = await httpClient.GetAsync(uri);
With this code in place, I don't get prompted for the credentials, but the response.IsSuccessStatusCode flag comes back as false and the error that I get is 401 - Unauthorized.
Before you ask, yes, the server-side endpoint is properly configured and works fine. If I try this:
Uri uri = new Uri(_myUriRoute);
var filter = new HttpBaseProtocolFilter();
var httpClient = new HttpClient(filter);
HttpResponseMessage response = await httpClient.GetAsync(uri);
I am asked for my credentials and when I enter them correctly, I get a proper HTTP 200 code in response. I also tried this:
Uri uri = new Uri(_myUriRoute);
var filter = new HttpBaseProtocolFilter
{
AllowUI = false,
ServerCredential = new PasswordCredential(_myUriRoute, _myUserName, _myPassword)
};
var httpClient = new HttpClient(filter);
HttpResponseMessage response = await httpClient.GetAsync(uri);
and again, I get a nice HTTP 200.
So what am I missing? I don't want to be prompted and I don't want to store credentials either. I want to have Windows pass automatically the credentials of the current user of the app.
Two things worth mentioning. The above-described behavior happens in my development environment (Visual Studio 2017) while I try debugging/running my app using the "Local Machine" option. Also, the first thing that happens when I start the app is I am prompted to grant permissions to the app to access the pictures folder and account info:
This happens despite the fact that I have selected "User Account Information" among the Capabilities set for the application, as can be seen in the above screen shot of the Capabilities tab, in the application's package manifest.
Any idea of what is missing? Any idea of what else should be tried?
Any suggestion will be highly appreciated.
Cheers,
Eddie
PS: I posted the same question on the MSDN Forums as well
PS2: The Web API is running in IIS Express, started from Visual Studio 2017, in a different instance. I configured IIS Express to expose my Web API using the IP address of my development machine instead of the "localhost". In its web.config file, I have the following setting:
<system.web>
<authentication mode="Windows"/>
</system.web>
I post this, just in case the issue is on the Server side, which I think it isn't.
