I modified this sample app (https://github.com/dotnet/AspNetCore.Docs/tree/main/aspnetcore/fundamentals/servers/httpsys/samples/8.x/SampleApp) such that:
line 14 in Program.cs now reads:
(before): options.Authentication.Schemes = AuthenticationSchemes.None;
(after): options.Authentication.Schemes = AuthenticationSchemes.NTLM;
line 17 in Program.cs now reads:
(before): options.Authentication.AllowAnonymous = true;
(after): options.Authentication.AllowAnonymous = false;
line 20 in Program.cs now reads:
(before): options.UrlPrefixes.Add("http://localhost:5005");
(after): options.UrlPrefixes.Add("http://localhost:80");
Windows authentication works for localhost and port 5005, the sample project builds and runs and the index page renders without prompting for username/password. User.Identity.Name contains the logged in username and the domain to which the user is logged in.
I then proceed to apply the final change:
line 20 in Program.cs now reads:
(before): options.UrlPrefixes.Add("http://localhost:5005");
(after): options.UrlPrefixes.Add("http://127.0.0.1:80");
After applying the changes listed above, the project builds and runs, but the browser presents the built-in login prompt, asking for a username/password.
I have added 2 URL reservation entries and the command “netsh http show urlacl” outputs the following:
Reserved URL : http://localhost:80/
User: Everyone
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;WD)
Reserved URL : http://127.0.0.1:80/
User: Everyone
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;WD)
What am I missing? Why does this stop working when I apply the changes above?