I have a ASP MVC site which is a very basic REST service protected by a HMAC authentication scheme. At the moment it is failing to authenticate using a PHP client library.
In order to try to debug this, I run the site from visual studio, use a linux VM to work on the php side of things and expose my IIS site to that VM.
As soon as I set a breakpoint in the ASP site on the authentication filter, I saw that breakpoint being hit multiple times for what I thought was a single php curl request. I fired up fiddler and it actually seems if I hit a breakpoint on the ASP side, the curl request seems to replay itself over and over, interestingly even the HMAC stuff seems to be recalculated which infers the php script is being executed multiple times. The rate seems overly excessive as well, approx 20 per second.
If I remove that breakpoint, only one curl request gets sent.
Having that many requests hit the server when you are trying to debug an async authentication method really does make life hard.
I saw the headers had a Connection: Keep-Alive on it so I tried removing that from the curl parameters, but that didn't help
Anyone got any ideas please?