Retrieving REST Data Using NTLM From a Dual Auth Site in SharePoint 2010
The title of this post actually makes this sound a lot more complicated than the final solution. It's really a case of combining the techniques I discussed in two previous posts: https://blogs.technet.com/b/speschka/archive/2010/09/25/retrieving-rest-data-in-a-claims-based-auth-site-in-sharepoint-2010.aspx and https://blogs.technet.com/b/speschka/archive/2011/04/01/retrieving-data-from-a-multi-auth-site-using-the-client-om-and-web-services-in-sharepoint-2010.aspx. The short version of the scenario is this - some folks wanted to do a something like a health check ping against a SharePoint site that used SAML authentication. Previously they had only been working against sites that used on Windows authentication, and as soon as they tried those tools against a site that supported multiple authentication types - SAML and Windows - those tools stopped working.
The point of the health check is just to make a request to a site and make sure that data is returned; if some error code is returned instead then they can start digging into it. I decided the easiest way to do this was just to make a call to the listdata.svc that is the REST endpoint for the site. It is something that will always be there, and configuring it to force it into using NTLM in a multi-auth site is something that I figured would be pretty easy, and in fact it was. The gist of the approach is just to make an HttpWebRequest and add the header I described in the second link above to force it use NTLM. The result is a fairly straightforward looking chunk of code that looks like this:
string endpoint = UrlTxt.Text + "/_vti_bin/listdata.svc";
//make a request to the REST interface for the data
HttpWebRequest webRqst = (HttpWebRequest)WebRequest.Create(endpoint);
webRqst.UseDefaultCredentials = true;
webRqst.Method = "GET";
webRqst.Accept = "*/*";
webRqst.KeepAlive = true;
webRqst.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
//read the response now
HttpWebResponse webResp = webRqst.GetResponse() as HttpWebResponse;
//make the request and get the response
StreamReader theData = new StreamReader(webResp.GetResponseStream(), true);
string payload = theData.ReadToEnd();
theData.Close();
webResp.Close();
ResultsTxt.Text = payload;
So as you can see, I just create the request, set a few properties and then add my header that tells SharePoint to use Windows auth. Then I just make my request and I'm good to go. It's a pretty simple project, but I've attached the complete solution to this posting in case it's helpful.