9 Replies Latest reply on Aug 29, 2011 12:31 PM by Jon Scholten

    MWG's proxy authentication causes unhandled exception in .NET 3.5 (SP1)

      We experience an issue with .NET 3.5 applications (and probably earlier versions), and MWG's proxy authentication.

      When we try to retrieve the response from a WebRequest in a .NET 3.5 SP1 application we get the following exception:


      System.Net.WebException was unhandled
        Message=The remote server returned an error: (407) Proxy Authentication Required.
        Source=System
        StackTrace:
             at System.Net.HttpWebRequest.GetResponse()
             at ConsoleApplication2010.Program.Main() in C:\temp\ConsoleApplication2010\ConsoleApplication2010\Program.cs:line 13
             at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args)
             at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
             at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
             at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
             at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
             at System.Threading.ThreadHelper.ThreadStart()
        InnerException: System.ComponentModel.Win32Exception
             Message=The token supplied to the function is invalid
             Source=System
             ErrorCode=-2147467259
             NativeErrorCode=-2146893048
             StackTrace:
                  at System.Net.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean throwOnError, SecurityStatus& statusCode)
                  at System.Net.NTAuthentication.GetOutgoingBlob(String incomingBlob)
                  at System.Net.NtlmClient.DoAuthenticate(String challenge, WebRequest webRequest, ICredentials credentials, Boolean preAuthenticate)
                  at System.Net.NtlmClient.Authenticate(String challenge, WebRequest webRequest, ICredentials credentials)
                  at System.Net.AuthenticationManager.Authenticate(String challenge, WebRequest request, ICredentials credentials)
                  at System.Net.AuthenticationState.AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials authInfo)
                  at System.Net.HttpWebRequest.CheckResubmitForAuth()
                  at System.Net.HttpWebRequest.CheckResubmit(Exception& e)
             InnerException:


      The applications are configured to use default credentials on the proxy.

      This configuration works perfect through another proxy that also requires NTLM authentication (ISA Server 2006).

       

      Visual Studio 2008's start page and online documentation have the same issue with MWG (but works fine through another authenticating proxy).

       

      .NET 4.0 and Visual Studio 2010 on the other hand has no problem with MWG's proxy authentication.

       

      From network traces on the client it can look like it's MWG's "NTLM challenge message" that causes the exception.

      The authentication process flows as normal (407 proxy authentication required (NTLMProxy-Connection), NTLM negotiate message, NTLM challenge message) until the client receives MWG's "NTLM challenge message", which it never responds to.


      Has anyone experienced the same that we do?

      Is this issue known to McAfee?

      Has it been investigated?

      Any solution?


      Our MWG is v.6.8.6, running on Linux, and authentication method is native NTLM.


      /Arild.

       

       

       

      Message was edited by: Arild on 6/10/10 6:59:54 AM CDT