I was receiving this error while hosting a webapi project on .net 5, using kestrel.
fail: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler An exception occurred while processing the authentication request. System.InvalidOperationException: An anonymous request was received in between authentication handshake requests. at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync() fail: Microsoft.AspNetCore.Server.Kestrel Connection id "0HM6A34N67LO5", Request id "0HM6A34N67LO5:00000005": An unhandled exception was thrown by the application. System.InvalidOperationException: An anonymous request was received in between authentication handshake requests. at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
Windows authentication works just fine when debugging locally, however, fails when deployed to a server, or accessing remotely via dns, with this error: System.InvalidOperationException: An anonymous request was received in between authentication handshake requests.
How I corrected it.
My kestrel endpoints were configured to https://0.0.0.0:1234, with a certificate from myservice.mydomain.com.
I resolve the issue by setting my endpoint to https://myservice.mydomain.com:1234
Why am I blogging about this?
Because all of the advice I found while googling was incredibly unhelpful.
Git hub issue #1: Closed by microsoft bot… No help.
Stack Overflow #1: No help.
Stack Overflow #2: No Help
Stack Overflow #3: Links to GitHub Article stating windows auth is not supported.
Github Issue #2: States closed, does not work by design.
Relevant Microsoft Documentation: Tells me to set my SPN and/or to use HTTP.sys instead of kestrel.
So, If I helped a single person, by taking the 5 minutes to write this article, it has served its purpose.
If you do stumble upon this, and it helps you, leave a comment down below.
This issue happened to me again today. After googling around, I found my own article I had written (this one).
Well, no dice this time. However- updating the SPN records did correct it.
I had to run
setspn -S HTTP/myserver.mydomain.com myserviceaccount
for each of my servers, and then the issue went away.