Add Negotiate and MultipleSchemes code to the System.net test Prerequisites #17845

Closed
CIPop opened this issue Jul 13, 2016 · 4 comments
Labels
area-System.Net.Http disabled-test The test is disabled in source code against the issue test-enhancement Improvements of test source code

Comments

@CIPop
Member

CIPop commented Jul 13, 2016

Add the missing showidentity.ashx file required by DefaultCredentialsTest.cs

        // This test endpoint offers multiple schemes, Basic and NTLM, in that specific order. This endpoint
        // helps test that the client will use the stronger of the server proposed auth schemes and
        // not the first auth scheme.
        private static Uri MultipleSchemesAuthenticatedServer =
            new Uri($"http://{DomainJoinedTestServer}/test/auth/multipleschemes/showidentity.ashx");
@CIPop CIPop removed their assignment Sep 19, 2016
@davidsh davidsh removed their assignment Nov 18, 2016
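
An added illustration of the behaviour the `multipleschemes` endpoint is meant to exercise (not code from this issue or from corefx): choosing the strongest offered scheme instead of the first one listed. The preference order, the `SchemeSelection` class and the sample challenge values are assumptions made for this example.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added illustration; not code from dotnet/corefx.
static class SchemeSelection
{
    // Assumed preference order, strongest first.
    private static readonly string[] Preference = { "Negotiate", "NTLM", "Digest", "Basic" };

    // Each element is one challenge as sent in a WWW-Authenticate header,
    // e.g. "Basic realm=\"test\"" or "NTLM" (one challenge per value is assumed).
    // Returns the strongest scheme offered, or null when none is recognised.
    public static string SelectStrongest(IEnumerable<string> challenges)
    {
        var offered = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        foreach (string challenge in challenges)
        {
            // The scheme token is everything up to the first space.
            string trimmed = challenge.Trim();
            int space = trimmed.IndexOf(' ');
            offered.Add(space < 0 ? trimmed : trimmed.Substring(0, space));
        }
        return Preference.FirstOrDefault(s => offered.Contains(s));
    }

    public static void Main()
    {
        // Constructed sample: Basic first, then NTLM, as described for the endpoint.
        var multipleSchemes = new[] { "Basic realm=\"test\"", "NTLM" };
        string chosen = SelectStrongest(multipleSchemes);
        Console.WriteLine($"offered: Basic, NTLM -> chosen: {chosen}");

        // A client that answers the first challenge would send Basic credentials
        // (base64 of user:password) even though NTLM was available.
        string first = multipleSchemes[0].Split(' ')[0];
        if (!string.Equals(first, chosen, StringComparison.OrdinalIgnoreCase))
            Console.WriteLine($"first-listed scheme '{first}' is weaker than '{chosen}'");

        // Schemes outside the preference list are ignored rather than selected.
        Console.WriteLine(SelectStrongest(new[] { "Bearer" }) ?? "(no supported scheme)");
    }
}
```
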
@karelz
Member

karelz commented Mar 2, 2017

This is about having multi-machine test support.

pjanotti referenced this issue in pjanotti/corefx Jan 30, 2018
These passed in 100 runs on Windows 10 RS3, measuring if they stay clean
before merging.

fixes #9228
fixes #10041
fixes #23209
@davidsh
Contributor

davidsh commented Feb 22, 2018

For reference, the current scripts are here:
https://github.com/dotnet/corefx/tree/master/src/Common/tests/System/Net/Prerequisites

@davidsh davidsh self-assigned this Feb 9, 2019
davidsh referenced this issue in davidsh/corefx Nov 10, 2019
This PR is a follow up to PR dotnet#36827 which added support for Linux server-side
GSS-API (AcceptSecContext). This enabled NegotiateStream AuthenticateAsServer*
support. It also provided support for ASP.NET Core to allow Kestrel server to have
Negotiate authentication on Linux.

This PR fixes some problems with Negotiate (SPNEGO) fallback from Kerberos to NTLM.
Notably it passes in a correct GSS Acceptor credential so that fallback will work
correctly. As part of fixing that, I noticed some other problems with returning the
user-identity when NTLM is used.

This was tested in a separate enterprise testing environment that I have created.
It builds on technologies that we have started using like docker containers and Azure
pipelines (e.g. HttpStress). The environment is currently here:
https://dev.azure.com/systemnetncl/Enterprise%20Testing. The extra Kerberos tests
and container support is here: https://github.com/davidsh/networkingtests

When the repo merge is completed, I will work with the infra team to see what things
can be merged back into the main repo/CI pipeline and migrate the test sources to an
appropriate place in the new repo.

Contributes to #10041
Contributes to #24707
Contributes to #30150
davidsh referenced this issue in dotnet/corefx Nov 11, 2019
davidsh referenced this issue in davidsh/runtime Dec 3, 2019
This is the first of several PRs that add Enterprise Scenarios Testing capability to
the repo. This PR focusses on Linux which allows for docker containers to be used
in an enterprise network configuration.

I focussed on 2 workflows: 1) The 'dev' workflow, and 2) The PR/CI workflow. The dev
workflow works well since it's using containers in a docker-compose environment along
with volume mounting your current dev's repo enlistment. The PR/CI workflow gives us
an Azure DevOps pipeline to automate verification.

I still need to work with the infra team to add a real pipeline that will run. I can't
do that until this is merged. In the meantime, I have my own DevOps pipeline that verified this PR.

See: https://dev.azure.com/systemnetncl/Enterprise%20Testing/_build/results?buildId=141

I will be linking a follow-up GitHub issue describing the roadmap for building on this system
including adding Windows environments, NTLM protocol, proxies, and other libraries such as
System.Net.Mail and System.Data.SqlClient. Those libraries also use Negotiate/Kerberos/NTLM
enterprise-oriented protocols.

Contributes to:
https://github.com/dotnet/corefx/issues/41652
https://github.com/dotnet/corefx/issues/41489
https://github.com/dotnet/corefx/issues/36896
https://github.com/dotnet/corefx/issues/30150
https://github.com/dotnet/corefx/issues/24707
https://github.com/dotnet/corefx/issues/10041
https://github.com/dotnet/corefx/issues/6606
https://github.com/dotnet/corefx/issues/6161
davidsh referenced this issue Dec 5, 2019

* Address PR feedback

* Change pipeline *.yml to only run on selected filepaths for PRs
* Change kdc container Dockerfile to be based on ubuntu:18.04
* Fix typo in README.md

* Update .yml file

* Link (instead of copy) apache kerb module to the right place
@msftgits msftgits transferred this issue from dotnet/corefx Jan 31, 2020
@msftgits msftgits added this to the 5.0 milestone Jan 31, 2020
@karelz karelz modified the milestones: 5.0, Future Feb 20, 2020
Contributor

Due to lack of recent activity, this issue has been marked as a candidate for backlog cleanup. It will be closed if no further activity occurs within 14 more days. Any new comment (by anyone, not necessarily the author) will undo this process.

This process is part of our issue cleanup automation.

@dotnet-policy-service dotnet-policy-service bot added backlog-cleanup-candidate An inactive issue that has been marked for automated closure. no-recent-activity labels Aug 22, 2024
Contributor

This issue will now be closed since it had been marked no-recent-activity but received no further activity in the past 14 days. It is still possible to reopen or comment on the issue, but please note that the issue will be locked if it remains inactive for another 30 days.

@dotnet-policy-service dotnet-policy-service bot removed this from the Future milestone Sep 5, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Oct 6, 2024
@dotnet-policy-service dotnet-policy-service bot removed no-recent-activity backlog-cleanup-candidate An inactive issue that has been marked for automated closure. labels Oct 6, 2024