I am trying to set up an internal website that will communicate with another backend service within the network on behalf of the user using HttpWebRequest. I have to use integrated Windows authentication in an ASP.NET application since the backend system supports this type of authentication.
I can configure IWA in an ASP.NET application, and I use kerberos as I expect. However, when authentication is delegated to the backend system, it no longer works. This is because the backend system only supports kerberos IWA, but delegation for some reason - even though the incoming request is authenticated by Kerberos - converts authentication to NTLM before searching the backend system.
Does anyone know what I need to do in an ASP.NET application to allow it to redirect an identifier using keberos?
I tried the following but it doesn't seem to work
CredentialCache credentialCache = new CredentialCache();
credentialCache.Add(request.RequestUri, "Negotiate", CredentialCache.DefaultCredentials.GetCredential(request.RequestUri, "Kerberos"));
request.Credentials = credentialCache;
I also tried installing Kerberos, where it now says Negotiate, but it doesn't seem to do much.
source
share