tags:

views:

2443

answers:

2
+3  Q: 

System.Net.WebClient vs. Proxy Authentication 407 error

I'm trying to figure out how to robustly handle proxy authentication errors (HTTP 407 status code) when using the System.Net.WebClient class.

In the field, we see many users receiving a 407 proxy authentication WebException, but I'm not sure what a good default strategy is. In .Net 2.0/3.5, the proxy authentication settings are supposed to be inherited from the Internet Explorer system settings. Firefox, Opera and Chrome use these same settings.

Here's the basic code we are using:

using System.Net;

string url = "http://www.mysite.com";
WebClient webClient = new WebClient();
byte[] data = webClient.DownloadFile(url);

When this code fails, we open the user's browser and send them to a help page. From our web logs, we know these customers can successfully connect in their browsers. Perhaps they are manually entering their proxy user name and password before they get to our help page? We don't know.

It seems that we could use WebClient.UseDefaultCredentials, but this seems redundant if WebClient is using the system settings anyway.

Any help is appreciated.

+3  A: 

We solved that problem by adding a config dialog which alows the user to choose "use proxy". If this setting is done we use these parameter (address, credentials...). If not - we assume that a connection can be made without any manual interaction. In the case of an error we do: a.) try again using default credentials b.) popup an information that a setting in config could help...

If proxy authentication is done via "default credentials" (Windows user) IE also reacts to an auth error and sends default credentials in this case. If this does not work it opens a credentials dialog. I'm not sure if all browsers handle this that way - but you can simply give it a try using fiddler, so you can see what's going on.

ManniAT  2009-07-29 20:21:44
thanks for the detailed workflow.
Anonymous Type  2010-10-07 22:07:14
+5  A: 

Internet Explorer does not persistently cache/reuse proxy authentication credentials if the proxy auth uses BASIC or DIGEST. For Negotiate/NTLM, default credentials will be provided.

Hence, even though .NET inherits from IE settings, you won't get any "free" support for proxy authentication for Basic/Digest unless you happen to be running in IE; you'll need to prompt the user or provide a configuration screen.

Fiddler (www.fiddler2.com) has the "Request Proxy Authentication" option on the Rules menu that you can use to simulate this scenario for testing.

EricLaw -MSFT-  2009-07-30 03:11:04
Thanks Eric. Fiddler works well.To clarify, for Negotiate/NTML, will default credentials will be provided by WebClient whether or not I set UseDefaultCredentials=true? In other words, is there value in handling the 407 WebException and retrying with UseDefaultCredentials=true? Why not just always set UseDefaultCredentials=true? Security risk?Opinion Disclaimer: WinInet seemed to handle this much better. Given that everyone in the universe wants to traverse proxies, why not do this automatically or fire an event and provide a standard UI for entering/saving credentials?
Daniel  2009-07-31 20:32:46
I experimented more with Fiddler. I thought it would be easy to just supply the user name and password ("1", "1") like below, but it doesn't work. string url = "http://www.java.com/"; webClient = new WebClient(); CredentialCache cache = new CredentialCache(); cache.Add(new Uri(url), "Basic", new NetworkCredential("1", "1")); webClient.Proxy.Credentials = credentialCache; webClient.Credentials = credentialCache; string contents = webClient.DownloadString(url);
Daniel  2009-07-31 23:47:32
Got it working. For some reason the CredentialCache did not work. I had to pass a NetworkCredential to webClient.Proxy.Credentials.
Daniel  2009-08-01 00:02:34

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?