[MonoTouch] Windows Auth and MonoTouch

Paul Bowden pbowden at microsoft.com
Sat Oct 3 16:05:44 EDT 2009 

I've made a little more progress in scoping the issue. I've got NTLM auth working from the device now (even though the back-end IIS server is part of AD). The problem seems to be related to kernel-mode auth. If you disable it in IIS (advanced properties of the Windows Integrated Authentication), then I see the Invalid length error below. If I enable kernel-mode auth, then the HttpWebRequest completes just fine. There are a bunch of desktop apps that have problems with kernel-mode auth (including Outlook/Exchange, which is what I'm using), so we're seeing more and more folks disable this by default in IIS.

Shall I go ahead and bug this?

Cheers, Paul.

-----Original Message-----
From: Gonzalo Paniagua Javier [mailto:gonzalo.mono at gmail.com] 
Sent: Friday, October 02, 2009 6:09 AM
To: Paul Bowden
Cc: monotouch at lists.ximian.com
Subject: RE: [MonoTouch] Windows Auth and MonoTouch

On Fri, 2009-10-02 at 04:04 +0000, Paul Bowden wrote:
> Hmm, that's what I was using before. The app works if Basic auth is enabled on the vdir, but if I disable Basic, which just leaves Windows Auth enabled, I get this:
> 
> Unhandled Exception: System.Net.WebException: Invalid length. ---> System.FormatException: Invalid length.
>   at (wrapper managed-to-native) System.Convert:InternalFromBase64String (string,bool)
>   at System.Convert.FromBase64String (System.String s) [0x00000] 
>   at Mono.Http.NtlmSession.Authenticate (System.String challenge, System.Net.WebRequest webRequest, ICredentials credentials) [0x00000] 
>   at Mono.Http.NtlmClient.Authenticate (System.String challenge, System.Net.WebRequest webRequest, ICredentials credentials) [0x00000] 
>   at System.Net.NtlmClient.Authenticate (System.String challenge, System.Net.WebRequest webRequest, ICredentials credentials) [0x00000] 
>   at System.Net.AuthenticationManager.DoAuthenticate (System.String challenge, System.Net.WebRequest request, ICredentials credentials) [0x00000] 
>   at System.Net.AuthenticationManager.Authenticate (System.String challenge, System.Net.WebRequest request, ICredentials credentials) [0x00000] 
>   at System.Net.HttpWebRequest.CheckAuthorization (System.Net.WebResponse response, HttpStatusCode code) [0x00000] 
>   at System.Net.HttpWebRequest.CheckFinalStatus (System.Net.WebAsyncResult result) [0x00000] 
>   at System.Net.HttpWebRequest.SetResponseData (System.Net.WebConnectionData data) [0x00000] 
> 
> Here's the relevant part of the source:
> 
>             HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
>             request.Method = "POST";
>             request.ContentType = "text/xml; charset=utf-8";
>             request.Credentials = new NetworkCredential(userName, password, domain);

Mmm, weird. There's only one more question before asking you to enter a
bug report for this: is the server using AD (and domain is set)? If so,
I think the machine from which you're running the program has to belong
to the domain...

-Gonzalo

More information about the MonoTouch mailing list