Bug Report: Authentication Validation Error (GenericFailure) in .NET8 #105574
Description
Description
When executing the provided code snippet in a .NET 8 project, an HttpRequestException is thrown with the message Authentication validation failed with error - GenericFailure. This issue occurs when attempting to send an HTTP request using HttpClient with Kerberos authentication and utilizing default credentials.
Reproduction Steps
- Create a new .NET 8 project.
- Add the following code to the Program.cs file:
using System.Net;
class Program
{
static async Task Main(string[] args)
{
var handler = new HttpClientHandler
{
UseDefaultCredentials = true,
};
using (var client = new HttpClient(handler))
{
try
{
HttpResponseMessage response = await client.GetAsync("...");
response.EnsureSuccessStatusCode();
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
}
}
}
- Run the project.
Expected behavior
The HTTP request is successfully sent, and the response is processed without any exceptions.
Actual behavior
System.Net.Http.HttpRequestException: Authentication validation failed with error - GenericFailure.
at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean isProxyAuth, HttpConnection connection, HttpConnectionPool connectionPool, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
at Program.Main(String[] args) in C:\...\Program.cs:line 16
Regression?
In .NET 6 this issue does not occur.
Known Workarounds
- Changing the HTTP version to HTTP/1.0 by setting client.DefaultRequestVersion = HttpVersion.Version10.
- Using .NET 6 where this issue does not occur.
Configuration
-
.NET SDK Version: .NET8
-
Operating System: Win10
-
Server: Using gokrb5 Kerberos library
Other information
The problem may be related to the following code added in .NET 8:
Additionally, in the gokrb5 library, there is a constant used for the WWW-Authenticate header set to the client upon successful authentication with HTTP code 200 . Could this be related to the issue?
Activity