Trouble accessing IWA-secured portal in Xamarin Forms app on Android

237
0
06-30-2021 03:35 PM
FelicityRhone
New Contributor II

I'm encountering problems in a Xamarin Forms 5.0.0.2012 app, on Android (testing on a Samsung Galaxy, Android 9), using the ArcGIS Runtime 100.11.0/100.11.2.

We have a portal configured with IWA enabled and anonymous access disabled on the Web Adaptor. I keep getting 401 errors in our app, with credentials that work in a browser. I've seen other posts e.g. this one and this one that say this 401 issue has been a known issue when using the 'Android' HttpClient implementation, so I've tried setting it to 'Managed' instead.

But when I try to use 'Managed', I get an error at runtime about a missing dll. I can reproduce it in the Runtime Samples app (building with Visual Studio 2019 v16.9.2) by the following steps:

1. Go to Properties > Android Options > Advanced in the Xamarin Forms Android project and set Http implementation to 'Managed' (For the 'SSL/TLS implementation', I've tried with that set to both 'Managed TLS 1.0' and 'Native TLS 1.2+' with no difference). 

2. In the OAuth sample, change the ServerUrl variable to point to the IWA secured portal.

3. Launch the sample app, choose the Security > Authenticate with OAuth sample. When it gets to the call to `ArcGISPortal.CreateAsync(new Uri(ServerUrl))`, it throws this error:

System.DllNotFoundException: System.Net.Security.Native assembly:<unknown assembly> type:<unknown type> member:(null)
at (wrapper managed-to-native) Interop+NetSecurityNative.ImportPrincipalName(Interop/NetSecurityNative/Status&,string,int,Microsoft.Win32.SafeHandles.SafeGssNameHandle&)
at Microsoft.Win32.SafeHandles.SafeGssNameHandle.CreatePrincipal (System.String name) [0x00000] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/Common/src/Microsoft/Win32/SafeHandles/GssSafeHandles.cs:39
at System.Net.Security.SafeDeleteNegoContext..ctor (System.Net.Security.SafeFreeNegoCredentials credential, System.String targetName) [0x0001c] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs:46
at System.Net.Security.NegotiateStreamPal.EstablishSecurityContext (System.Net.Security.SafeFreeNegoCredentials credential, System.Net.Security.SafeDeleteContext& context, System.String targetName, System.Net.ContextFlagsPal inFlags, System.Net.Security.SecurityBuffer inputBuffer, System.Net.Security.SecurityBuffer outputBuffer, System.Net.ContextFlagsPal& outFlags) [0x0000b] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/Common/src/System/Net/Security/NegotiateStreamPal.Unix.cs:166
at System.Net.Security.NegotiateStreamPal.InitializeSecurityContext (System.Net.Security.SafeFreeCredentials credentialsHandle, System.Net.Security.SafeDeleteContext& securityContext, System.String spn, System.Net.ContextFlagsPal requestedContextFlags, System.Net.Security.SecurityBuffer[] inSecurityBufferArray, System.Net.Security.SecurityBuffer outSecurityBuffer, System.Net.ContextFlagsPal& contextFlags) [0x00037] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/Common/src/System/Net/Security/NegotiateStreamPal.Unix.cs:240
at System.Net.NTAuthentication.GetOutgoingBlob (System.Byte[] incomingBlob, System.Boolean throwOnError, System.Net.SecurityStatusPal& statusCode) [0x00096] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/Common/src/System/Net/NTAuthentication.Common.cs:243
at System.Net.NTAuthentication.GetOutgoingBlob (System.String incomingBlob) [0x00033] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/Common/src/System/Net/NTAuthentication.Common.cs:189
at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync (System.Net.Http.HttpRequestMessage request, System.Uri authUri, System.Net.ICredentials credentials, System.Boolean isProxyAuth, System.Net.Http.HttpConnection connection, System.Net.Http.HttpConnectionPool connectionPool, System.Threading.CancellationToken cancellationToken) [0x0041f] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.NtAuth.cs:124
at System.Net.Http.HttpConnectionPool.SendWithNtConnectionAuthAsync (System.Net.Http.HttpConnection connection, System.Net.Http.HttpRequestMessage request, System.Boolean doRequestAuth, System.Threading.CancellationToken cancellationToken) [0x00069] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HttpConnectionPool.cs:327
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync (System.Net.Http.HttpRequestMessage request, System.Boolean doRequestAuth, System.Threading.CancellationToken cancellationToken) [0x00101] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HttpConnectionPool.cs:296
at System.Net.Http.AuthenticationHelper.SendWithAuthAsync (System.Net.Http.HttpRequestMessage request, System.Uri authUri, System.Net.ICredentials credentials, System.Boolean preAuthenticate, System.Boolean isProxyAuth, System.Boolean doRequestAuth, System.Net.Http.HttpConnectionPool pool, System.Threading.CancellationToken cancellationToken) [0x000c8] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.cs:204
at System.Net.Http.RedirectHandler.SendAsync (System.Net.Http.HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) [0x00070] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/RedirectHandler.cs:32
at System.Net.Http.DecompressionHandler.SendAsync (System.Net.Http.HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) [0x00080] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/DecompressionHandler.cs:48
at Esri.ArcGISRuntime.Http.ArcGISHttpClientHandler+ArcGISClientHandlerInternal+<>c__DisplayClass15_0.<SendAsync>b__0 (System.Threading.Tasks.Task`1[TResult] t) [0x00074] in <1df5c9135fc04da082f841133d94e5ff>:0
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2[TAntecedentResult,TResult].InnerInvoke () [0x00024] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corert/src/System.Private.CoreLib/src/System/Threading/Tasks/TaskContinuation.cs:202
at System.Threading.Tasks.Task.Execute () [0x00000] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corert/src/System.Private.CoreLib/src/System/Threading/Tasks/Task.cs:2319
--- End of stack trace from previous location where exception was thrown ---

at Esri.ArcGISRuntime.Http.ArcGISHttpClientHandler+ArcGISClientHandlerInternal.SendAsync (System.Net.Http.HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) [0x00e0a] in <1df5c9135fc04da082f841133d94e5ff>:0
at System.Net.Http.HttpClient.FinishSendAsyncUnbuffered (System.Threading.Tasks.Task`1[TResult] sendTask, System.Net.Http.HttpRequestMessage request, System.Threading.CancellationTokenSource cts, System.Boolean disposeCts) [0x000b3] in /Users/builder/jenkins/workspace/archive-mono/2020-02/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/HttpClient.cs:531
at Esri.ArcGISRuntime.Portal.Utils.WebRequestJson`1[T].GetData (Esri.ArcGISRuntime.Portal.ArcGISPortal portal, System.String url, System.Collections.Generic.IDictionary`2[TKey,TValue] parameters, System.Threading.CancellationToken cancellationToken, System.Boolean forcePost) [0x001f6] in <1df5c9135fc04da082f841133d94e5ff>:0
at Esri.ArcGISRuntime.Portal.ArcGISPortal.InitializePortalInfo (System.Threading.CancellationToken cancellationToken) [0x0008b] in <1df5c9135fc04da082f841133d94e5ff>:0
at Esri.ArcGISRuntime.Portal.ArcGISPortal.InitializeAsync (System.Threading.CancellationToken cancellationToken) [0x000fa] in <1df5c9135fc04da082f841133d94e5ff>:0
at ArcGISRuntime.Samples.OAuth.OAuth.Initialize () [0x00057] in C:\Users\frhone\source\repos\arcgis-runtime-samples-dotnet\src\Forms\Shared\Samples\Security\OAuth\OAuth.xaml.cs:70 }
base: {System.TypeLoadException}

Is anyone else running into this? Any suggestions for either avoiding the constant 401 errors with the 'Android' HttpClient, or workarounds to get the 'Managed' implementation working?

I've also tried changing the PreAuthenticateBehaviour on the ArcGISNetworkCredential as suggested in this post with no luck.

0 Kudos
0 Replies