I have a C# web application hosted on Kestrel using Windows Authentication. For some reason my endpoints only work when using localhost. If I use an IP address, hostname or 127.0.0.1 I get a 401 response and the web browser prompts with a login dialog. I need to make it work with hostname or IP address as well. I don't want to use IIS or HTTP.SYS.
I have tried calling setspn to register the web application but it makes no difference:
setspn -S HTTP/server.development.local development\x
My server FQDN: server.development.local
Username: development\x
My code looks like this:
public class Program
{
public static void Main(string[] args)
{
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
builder.Services.AddAuthorization(options =>
{
options.FallbackPolicy = options.DefaultPolicy;
});
builder.Services.AddControllers();
builder.WebHost.ConfigureKestrel(serverOptions =>
{
serverOptions.ListenAnyIP(60100);
});
var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
app.Run();
}
}
}
[Authorize]
[ApiController]
[Route("[controller]")]
public class HelloController : ControllerBase
{
[HttpGet]
public IActionResult Get()
{
var user = HttpContext.User?.Identity?.Name ?? "N/A";
return Ok(user);
}
}