SocketsHttpHandler cannot authenticate NTLM with username format user@domain.com #19366
Description
For Xamarin.iOS https://github.com/dotnet/designs/blob/main/accepted/2020/mono-convergence/platform-specific-httpclient.md#xamariniostvoswatchos
There are 3 handlers available (SocketsHttpHandler, CFNetworkHandler, and NSUrlSessionHandler)
After upgrading to NET7, it’s similar.
However, NTLM authentication is not working well.
SocketsHttpHandler cannot authenticate with a username in the form of user@domain.com.
There is a difference between NSUrlSessionHandler and SocketsHttpHandler.
I need to know why this difference exists.
Environment
Currently running on IOS devices with version 15/16 (Iphone/Ipad)
Visual Stuido 2022 version 17.5.4
Xcode_14.2
xamarin.ios-16.0.0.72
MonoFramework-MDK-6.12.0.182.macos10.xamarin.universal
Project sample:
https://github.com/vinhdp195/HttpRequestSample
Code sample:
https://github.com/vinhdp195/HttpRequestSample/blob/main/MauiApp1/MainPage.xaml.cs
In the above example source:
CheckHttpAsync() method uses NSUrlSessionHandler as a parameter for HttpClient
CheckSocketAsync() method uses SocketsHttpHandler as a parameter for HttpClient
User Infomation in AD:
user logon name: admin@sample.com
user logon (pre-windows 2000) : domain\samName
samAccountName is "samName"
Results when authenticating NTLM with SocketsHttpHandler and NSUrlSessionHandler:
| No. | Username Input | NSUrlSessionHandler | SocketsHttpHandler |
|---|---|---|---|
| 1 | samName | 〇 | 〇 |
| 2 | domain\samName | 〇 | 〇 |
| 3 | admin@sample.com | 〇 | x |
| 4 | samName@sample.com | x | 〇 |
| 5 | samName@domain.com | x | 〇 |
| 6 | samName@xyz.com | x | 〇 |
It appears that only username is samName can be authenticated (OK) when using SocketsHttpHandler.
- At No.3: using SocketsHttpHandler, it cannot authenticate with the username “admin@sample.com”, but NSUrlSessionHandler can.
- At No.4,5,6: using SocketsHttpHandler, it can authenticate with samName, however, any value after the @ character can also successfully authenticate (xyz is an incorrect value but still authenticates successfully).
What is the reason for the above difference? Is it a bug?
I want to be able to successfully authenticate at No.3 using SocketsHttpHandler, what should I do?
(Besides, the reason I have to use SocketsHttpHandler for my project is because NSUrlSessionHandler on iOS does not support passing in WebProxy)