P
Patrick Fogarty
I am programming what is to be a web service client that will use an
HTTP-POST to request and retrieve data. The remote server (written in java
for what it's worth) requires basic authentication as per RFC 2617
(http://www.faqs.org/rfcs/rfc2617.html). My attempts to authenticate are
failing. The server requires the header to be present with the request.
For security reasons, it will not reply in any way if the header is not
present.
More specifically, my attempts fail when attempting to attach a
'NetworkCredential' object to the 'Credentials' property of a
'HttpWebRequest' object. If I create the header manually, everything works
fine. When attempting to do it 'the Microsoft Way' no authentication
information is sent in the header, even if I set 'PreAuthenticate' = true.
What am I missing? Below are two examples. Each has the code to send the
request followed by the captured request header.
- Patrick
------------------------------------------------------------
<< the code that fails >>
(( assume reqBytes and SomeURI already set ))
request = (HttpWebRequest) WebRequest.Create(SomeURI);
request.PreAuthenticate = true;
request.Credentials = new NetworkCredential("JoeBlow","MountainHo");
request.Timeout = 20 * 1000;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = reqBytes.Length;
Stream reqStream = request
reqStream.Write(reqBytes,0,reqBytes.Length);
reqStream.Close();
------------------------------
POST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 1718
Expect: 100-continue
Connection: Keep-Alive
Host: me:10000
------------------------------------------------------------
<< the code that works>>
(( assume reqBytes and SomeURI already set ))
request = (HttpWebRequest) WebRequest.Create(SomeURI);
// 'GetManualAuthorization' written by me to generate RFC2617-compliant
basic authentication header
request.Headers.Add("Authorization", GetManualAuthorization("JoeBlow",
"MountainHo"));
request.Timeout = 20 * 1000;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = reqBytes.Length;
Stream reqStream = request
reqStream.Write(reqBytes,0,reqBytes.Length);
reqStream.Close();
------------------------------
POST / HTTP/1.1
Authorization: BASIC Sm9lQmxvdzpNb3VudGFpbkhv
Content-Type: application/x-www-form-urlencoded
Content-Length: 1718
Expect: 100-continue
Connection: Keep-Alive
Host: me:10000
HTTP-POST to request and retrieve data. The remote server (written in java
for what it's worth) requires basic authentication as per RFC 2617
(http://www.faqs.org/rfcs/rfc2617.html). My attempts to authenticate are
failing. The server requires the header to be present with the request.
For security reasons, it will not reply in any way if the header is not
present.
More specifically, my attempts fail when attempting to attach a
'NetworkCredential' object to the 'Credentials' property of a
'HttpWebRequest' object. If I create the header manually, everything works
fine. When attempting to do it 'the Microsoft Way' no authentication
information is sent in the header, even if I set 'PreAuthenticate' = true.
What am I missing? Below are two examples. Each has the code to send the
request followed by the captured request header.
- Patrick
------------------------------------------------------------
<< the code that fails >>
(( assume reqBytes and SomeURI already set ))
request = (HttpWebRequest) WebRequest.Create(SomeURI);
request.PreAuthenticate = true;
request.Credentials = new NetworkCredential("JoeBlow","MountainHo");
request.Timeout = 20 * 1000;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = reqBytes.Length;
Stream reqStream = request
reqStream.Write(reqBytes,0,reqBytes.Length);
reqStream.Close();
------------------------------
POST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 1718
Expect: 100-continue
Connection: Keep-Alive
Host: me:10000
------------------------------------------------------------
<< the code that works>>
(( assume reqBytes and SomeURI already set ))
request = (HttpWebRequest) WebRequest.Create(SomeURI);
// 'GetManualAuthorization' written by me to generate RFC2617-compliant
basic authentication header
request.Headers.Add("Authorization", GetManualAuthorization("JoeBlow",
"MountainHo"));
request.Timeout = 20 * 1000;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = reqBytes.Length;
Stream reqStream = request
reqStream.Write(reqBytes,0,reqBytes.Length);
reqStream.Close();
------------------------------
POST / HTTP/1.1
Authorization: BASIC Sm9lQmxvdzpNb3VudGFpbkhv
Content-Type: application/x-www-form-urlencoded
Content-Length: 1718
Expect: 100-continue
Connection: Keep-Alive
Host: me:10000