Retrieving REST Data Using NTLM From a Dual Auth Site in SharePoint 2010

The title of this post actually makes this sound a lot more complicated than the final solution.  It’s really a case of combining the techniques I discussed in two previous posts: and  The short version of the scenario is this – some folks wanted to do a something like a health check ping against a SharePoint site that used SAML authentication.  Previously they had only been working against sites that used on Windows authentication, and as soon as they tried those tools against a site that supported multiple authentication types – SAML and Windows – those tools stopped working.

The point of the health check is just to make a request to a site and make sure that data is returned; if some error code is returned instead then they can start digging into it.  I decided the easiest way to do this was just to make a call to the listdata.svc that is the REST endpoint for the site.  It is something that will always be there, and configuring it to force it into using NTLM in a multi-auth site is something that I figured would be pretty easy, and in fact it was.  The gist of the approach is just to make an HttpWebRequest and add the header I described in the second link above to force it use NTLM.  The result is a fairly straightforward looking chunk of code that looks like this:

string endpoint = UrlTxt.Text + “/_vti_bin/listdata.svc”;
//make a request to the REST interface for the data
HttpWebRequest webRqst = (HttpWebRequest)WebRequest.Create(endpoint);
webRqst.UseDefaultCredentials = true;
webRqst.Method = “GET”;
webRqst.Accept = “*/*”;
webRqst.KeepAlive = true;
webRqst.Headers.Add(“X-FORMS_BASED_AUTH_ACCEPTED”, “f”);

//read the response now
HttpWebResponse webResp = webRqst.GetResponse() as HttpWebResponse;

//make the request and get the response
StreamReader theData = new StreamReader(webResp.GetResponseStream(), true);
string payload = theData.ReadToEnd();

ResultsTxt.Text = payload;

So as you can see, I just create the request, set a few properties and then add my header that tells SharePoint to use Windows auth.  Then I just make my request and I’m good to go.  It’s a pretty simple project, but I’ve attached the complete solution to this posting in case it’s helpful.


You can download the attachment here:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s