Recently, my team found an error in some of our service code where an HTTP request authenticated with an anonymous NTLM SID ( not ), like HTTP anonymous authentication, this is a successful NTLM authentication exchange which results in an anonymous SID) was allowed to continue when it should have been denied. We fixed the problem by examining the WindowsIdentity.IsAnonymous property, but I want to write an automated test for this case so that we never have this problem.
This leads me to my problem. I need to make an HTTP GET request for a specific URL using HttpWebRequest or Microsoft.HttpClient, which authenticates through NTLM as an anonymous SID. For now, the only way to do this is to run client code as LocalSystem, which, for obvious reasons, is not ideal for our automatic testing mode.
I tried this:
using (WindowsIdentity.GetAnonymous().Impersonate()) {
}
but Impersonate throws an exception indicating that an anonymous token cannot be issued.
Any other ideas?
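The server-side check named in the question can be exercised directly on identity objects, without impersonation or an NTLM exchange. The following is an added example, not code from the original post: `AnonymousLogonGuard` and `IsAllowed` are hypothetical names, and it assumes a Windows host. It covers the guard logic only, not the HTTP request path the question asks about.

```csharp
using System;
using System.Security.Principal;

// Hypothetical guard (name and shape are assumptions, not the poster's code).
public static class AnonymousLogonGuard
{
    // True only for an authenticated Windows identity that is not the
    // anonymous logon an NTLM exchange with empty credentials produces.
    public static bool IsAllowed(IIdentity identity)
    {
        var windowsIdentity = identity as WindowsIdentity;
        if (windowsIdentity == null) return false;      // not a Windows logon
        if (windowsIdentity.IsAnonymous) return false;  // the check from the post
        if (!windowsIdentity.IsAuthenticated) return false;

        // Second check for identities that carry a real token: compare the
        // user SID with the well-known anonymous SID.
        SecurityIdentifier sid = windowsIdentity.User;
        if (sid == null || sid.IsWellKnown(WellKnownSidType.AnonymousSid))
            return false;
        return true;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed inputs: the anonymous identity object and the identity
        // of the current process. Neither call needs Impersonate().
        using (WindowsIdentity anonymous = WindowsIdentity.GetAnonymous())
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
        {
            Console.WriteLine("anonymous allowed: " +
                AnonymousLogonGuard.IsAllowed(anonymous));
            Console.WriteLine("current allowed:   " +
                AnonymousLogonGuard.IsAllowed(current));
        }
    }
}
```

`WindowsIdentity.GetAnonymous()` returns an identity without a token handle, so this exercises the deny decision but not the token that a real anonymous NTLM logon yields.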