-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NTLM issues in some images #5303
Comments
I am looking for some help. I've not been successful in that so far. We'll have Ubuntu 24.04 images to try next month. Any thoughts @filipnavara @mconnew @wfurt ? |
This looks like dotnet/runtime#67353. It got broken by moving OpenSSL 3.0. It was fixed upstream but took ages for Ubuntu to pick up the updated package. I think Ubuntu 23+ had the 1.XX ntlm-gss |
When this PR merges, we will have noble images in our nightly repo. That will be enough to test. |
Thanks for the reference, @wfurt . Merging the default dotnet/runtime#67353 (comment)
|
For reference, it was fixed back in 2022: gssapi/gss-ntlmssp#72 to fix gssapi/gss-ntlmssp#71 . |
Thanks for sharing that @wfurt. That's VERY useful to share/persist. |
[Triage] Since there's a workaround available and the issue is with the OpenSSL configuration on Jammy (and not an issue with .NET or our Dockerfiles), closing this as not planned. |
Describe the Bug
Using
7.0-jammy
/8.0-jammy
,8.0-alpine
images (linux-x64
) and manually installinggss-ntlmssp
library does not seem to allow NTLM authentication when using a WCF connected service in a .NET 8 Web API project.When I converted my project down to
6.0-focal
, it worked. Then I tried to understand if this was a .NET 7+ issue, but I eventually found that the8.0-bookworm-slim
image worked, so it didn't seem to be a .NET version, but seemed to be more tied to the base image.In the
-jammy
and-alpine
images, the error I would get when connecting to my WCF service was:MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'.
Steps to Reproduce
Dockerfile (that does not work):
And a Dockerfile that works (Note: the only change is the image tag):
Other Information
Output of
docker version
Docker version 25.0.3, build 4debf41
The text was updated successfully, but these errors were encountered: