Home/ Questions/Q 8393531
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T19:48:54+00:00

I have an intranet site which calls a POST method from another server, also

  • 0

I have an intranet site which calls a POST method from another server, also on the intranet.

If I set the Authentication mode to Basic Authentication in IIS I can use the following:

HttpWebRequest oReq = (HttpWebRequest)WebRequest.Create(sURL);
 oReq.ContentType = "application/x-www-form-urlencoded";
 oReq.Method = "POST";
 oReq.Timeout = 60000;

 ...

 oReq.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials;

 ...


try
{
   HttpWebResponse oResp = (HttpWebResponse)oReq.GetResponse();
   ...
}

All of the above works as intended.

However I need to change the security to Windows Authentication in IIS, and once I do I keep getting error 401 unauthorized on this line:

try
    {
       HttpWebResponse oResp = (HttpWebResponse)oReq.GetResponse();
       ...
    }

That can be fixed by changing the credentials like so:

NetworkCredential creds = new NetworkCredential("username","password","domain");
oReq.Credentials = creds;

But that’s not the right way anyway. How can I get the default credentials to work for Windows Authentication also?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you’ve got one web site calling out to another, you’ve got a 2nd hop. This is a kerberos 2nd hop problem.

    The intranet site needs permission to call the 2nd site on behalf on the end user.

    I’d suggest you use a tool call DelegConfig. I can’t recommend it highly enough. Its a simple asp.net application that will tell you what is wrong with your kerberos setup and can tell you how to fix it (or do it itself if you want)

    I’ve found I had to get the client to server authentication working first for it it work, but once thats there it makes working out what wrong with the next hop to UNC/http/sql etc very easy.

    • 0