tags:

views:

606

answers:

1
Q: 

C# HttpWebRequest - PreAuthenticate: Still returns 401 forbidden (HTTPS)

Hello, I would like to ask you for help with the following code I have quickly write, beucase I always get "403 FORBIDDEN".

HttpWebRequest pozadavek = (HttpWebRequest)WebRequest.Create("LINK THAT ASKS FOR AUTHLOGIN"); //https
    System.IO.StreamReader stream = null;
    System.String result = null;
    public Form1()
    {
        InitializeComponent();
        pozadavek.AuthenticationLevel = System.Net.Security.AuthenticationLevel.MutualAuthRequested;
        pozadavek.Credentials = new NetworkCredential("NAME", "PASS");
        pozadavek.PreAuthenticate = true;
    }

    private void Form1_Load(object sender, EventArgs e)
    {
        WebResponse webresponse = pozadavek.GetResponse(); //throws an exception:403 forbidden
        stream = new System.IO.StreamReader(webresponse.GetResponseStream());
        result = stream.ReadToEnd();
        this.webBrowser1.DocumentText = result;
    }
A: 

The site you are trying to open requires Basic Authentication. Bottom line is, you need to include the username/password in base64 encoded with your request. Luckily, .Net does that for you. Construct your request like this:

var credCache = new CredentialCache();
credCache.Add(new Uri("https://is.vsfs.cz/auth"), "Basic",
                  new NetworkCredential("user", "pwd"));
var request = (HttpWebRequest)WebRequest.Create(uri);
request.Credentials = credCache;

Here's one article explaining in more detail how various auth schemes are handled in .Net.

Peter Lillevold  2010-02-08 08:39:03
No, with either "true" and "false" it is the same. I am not sure whether it is the correct way, opening the link in browser will open an popup asking for username and password.
Snake  2010-02-08 08:41:24
If "authentication" is done through a popup it is initially enforced clientside. Your request will never see that. It sounds like the site is using some sort of forms authentication. Perhaps you can get a direct url to the login page, but even then using the Credentials property will probably not work, you'll have to send username/pwd to the page using a POST request.
Peter Lillevold  2010-02-08 09:52:28
Oh, I can see there is "https". I have changed the URI in the program and now get 401...any ideas please?
Snake  2010-02-08 10:08:02
401 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) still means you are not authorized. You should get a url directly to the login page and construct a POST that the page will accept.
Peter Lillevold  2010-02-08 10:13:44
But how can I get it? You can take a look:https://is.vsfs.cz/auth
Snake  2010-02-08 10:15:20
Yes, that made it clearer. I've updated my answer!
Peter Lillevold  2010-02-08 10:37:42
Thank you very much!
Snake  2010-02-08 11:44:04

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?