Currently, we are hosting a .NET Core 3.1 web app in IIS (DEV server), and it is using Windows Authentication. We want to impersonate the caller's credentials when we call another web API in one of the controller actions. Here is our code:
    [Authorize]
    public IActionResult Get()
    {
        _logger.LogInformation("Boom! In Get");
        WindowsIdentity.RunImpersonated(((WindowsIdentity)HttpContext.User.Identity).AccessToken, () =>
        {
            _logger.LogInformation($"Received request");
            HttpClient _client = new HttpClient(new HttpClientHandler() { UseDefaultCredentials = true })
            {
                BaseAddress = new Uri("http://SomeTestUrl.com/")
            };
            var result = _client.GetAsync("/api/program").Result;
            var json = result.Content.ReadAsStringAsync().Result;
            _logger.LogInformation($"Returning response");
        });
        return Ok("True");
    }
It runs fine on my local machine with IIS Express, but it's failing on the DEV server. I am getting the error below.
Any idea why I am getting this error? What is the correct way of impersonating a user in a controller action?
Other observations:
We have another .NET web API (not Core) which calls the same URL "http://SomeTestUrl.com/" in impersonated mode, and it's also working fine on the DEV server.
If I try to call the URL with the IP address "http://10.10.20.300/" instead of "http://SomeTestUrl.com/", it works.
    System.Net.Http.HttpRequestException: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server.
     ---> System.Net.Sockets.SocketException (11002): This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server.
       at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
       --- End of inner exception stack trace ---
       at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
       at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
       at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)
       at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
       at System.Net.Http.DiagnosticsHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
       at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)