I am testing an application with a local web server (IIS, Windows 8), the site requires basic authentication, and as long as I explicitly pass my credentials, everything works fine:
request.Credentials = new NetworkCredential("User", "Password", "Domain"); request.PreAuthenticate = true;
But I would like to use the built-in protection, so I tried changing the first line as follows:
request.Credentials = CredentialCache.DefaultNetworkCredentials;
(I also tried DefaultCredentials)
I checked the network traffic with Fiddler and I see that in the second case the Http request is sent without an authorization header, so it is not surprising that it fails. But why?
UPDATE I believe that I misunderstood the concept of default credentials. DefaultNetworkCredentials cannot be used to generate the main authentication header, it must be a pair of users / passwords. So this is by design.
source share