问题
I'm trying to set up an endpoint for authenticated HTTP POST requests that will handle requests whose bodies sit at around 15 kB.
I followed the description on MSDN and defined
var httpListener = (OwinHttpListener) appBuilder.Properties[typeof(OwinHttpListener).FullName];
httpListener.Listener.AuthenticationSchemeSelectorDelegate = request =>
request.HttpMethod == "POST"
? AuthenticationSchemes.IntegratedWindowsAuthentication
: AuthenticationSchemes.Anonymous;
in my Startup.Configuration. This works like a charm for smaller requests, but I end up with HTTP 400 Bad Requests the moment I try to send through a request with a body size of about 15 kB. To test this, I'm using
curl -v --ntlm --negotiate -u {username}:{password} -d @myfile.txt http://localhost:8080/my-endpoint
where myfile.txt is about 15 kB. At first, I assumed this was an issue about Content-Length being limited and implemented the middleware suggested in this answer to change the limit; this was a red herring, though, as the middleware ends up being invoked only for smaller requests. Indeed, if I get rid of the authentication entirely, everything works as expected.
Moreover, if I use AuthenticationSchemes.Ntlm instead of AuthenticationSchemes.IntegratedWindowsAuthentication, then the curl request does goes through without any issues, so I have a functioning workaround, but I am still curious what is causing the issue in the first place, and if there is a workaround that doesn't rely on falling back to NTLM.
来源:https://stackoverflow.com/questions/59707967/sending-large-post-requests-with-integrated-windows-authentication-in-owin-self