Access remote xml file using Credentials

Discussion in 'ASP .Net Security' started by Ianb, Jan 20, 2005.

  1. Ianb

    Ianb Guest

    Hi

    I'm trying to access an xml document outside my site root to do some
    manipulation and I'm getting an error (on the while statement):

    The remote server returned an error: (401) Unauthorized.

    I guess this is because I don't have permissions on the file but I've been
    trying to set credentials before the file access. Can any one see what I'm
    doing wrong - Heres my code:
    ------------------------------------
    WebClient oWebClient = new WebClient();
    oWebClient.Credentials = CredentialCache.DefaultCredentials;

    string sResource = docRecord.Filepath + docRecord.Filename;
    Stream oStream = oWebClient.OpenRead(sResource);

    StreamReader oSR = new StreamReader(oStream);

    // create an instance of the XmlDocument object
    XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());

    oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    while(oXmlRdr.Read()) {
    // ... xml manipulation
    }

    // close the object and free up memory
    oXmlRdr.Close();
    oStream.Close();
    -----------------------------------
    and corresponding web.config entry:

    <authentication mode = "Forms">
    <forms>
    <credentials passwordFormat = "Clear">
    <user name ="ianb" password = "******"/>
    </credentials>
    </forms>
    </authentication>
    <authorization>
    <deny users = "?"/>
    </authorization>

    ===============================
    I have also tried the following and got the same result:
    WebClient oWebClient = new WebClient();
    NetworkCredential oCred = new NetworkCredential("ianb", "******");
    oWebClient.Credentials = oCred;
    String strURL = "http://validURL/XMLPage.xml";
    Stream oStream = oWebClient.OpenRead(strURL);
    StreamReader oSR = new StreamReader(oStream);

    XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;

    while(oXmlRdr.Read()) {
    // ... xml manipulation
    }

    // close the object and free up memory
    oXmlRdr.Close();
    oStream.Close();
    -------------------------------------
    I would prefer to use the web.config option. Can anyone help me with this

    Thanks

    Ian B
     
    Ianb, Jan 20, 2005
    #1
    1. Advertising

  2. Did you try supplying explicit credentials in the Credentials property
    instead of DefaultCredentials?

    Joe K.

    "Ianb" <> wrote in message
    news:...
    > Hi
    >
    > I'm trying to access an xml document outside my site root to do some
    > manipulation and I'm getting an error (on the while statement):
    >
    > The remote server returned an error: (401) Unauthorized.
    >
    > I guess this is because I don't have permissions on the file but I've been
    > trying to set credentials before the file access. Can any one see what I'm
    > doing wrong - Heres my code:
    > ------------------------------------
    > WebClient oWebClient = new WebClient();
    > oWebClient.Credentials = CredentialCache.DefaultCredentials;
    >
    > string sResource = docRecord.Filepath + docRecord.Filename;
    > Stream oStream = oWebClient.OpenRead(sResource);
    >
    > StreamReader oSR = new StreamReader(oStream);
    >
    > // create an instance of the XmlDocument object
    > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    >
    > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    > while(oXmlRdr.Read()) {
    > // ... xml manipulation
    > }
    >
    > // close the object and free up memory
    > oXmlRdr.Close();
    > oStream.Close();
    > -----------------------------------
    > and corresponding web.config entry:
    >
    > <authentication mode = "Forms">
    > <forms>
    > <credentials passwordFormat = "Clear">
    > <user name ="ianb" password = "******"/>
    > </credentials>
    > </forms>
    > </authentication>
    > <authorization>
    > <deny users = "?"/>
    > </authorization>
    >
    > ===============================
    > I have also tried the following and got the same result:
    > WebClient oWebClient = new WebClient();
    > NetworkCredential oCred = new NetworkCredential("ianb", "******");
    > oWebClient.Credentials = oCred;
    > String strURL = "http://validURL/XMLPage.xml";
    > Stream oStream = oWebClient.OpenRead(strURL);
    > StreamReader oSR = new StreamReader(oStream);
    >
    > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    >
    > while(oXmlRdr.Read()) {
    > // ... xml manipulation
    > }
    >
    > // close the object and free up memory
    > oXmlRdr.Close();
    > oStream.Close();
    > -------------------------------------
    > I would prefer to use the web.config option. Can anyone help me with this
    >
    > Thanks
    >
    > Ian B
     
    Joe Kaplan \(MVP - ADSI\), Jan 20, 2005
    #2
    1. Advertising

  3. Ianb

    Ianb Guest

    Hi Joe

    Only in the form I've shown you in the second coding attempt... ie:
    NetworkCredential oCred = new NetworkCredential("ianb", "******");
    oWebClient.Credentials = oCred;

    is there another way to do this?

    Ian

    "Joe Kaplan (MVP - ADSI)" wrote:

    > Did you try supplying explicit credentials in the Credentials property
    > instead of DefaultCredentials?
    >
    > Joe K.
    >
    > "Ianb" <> wrote in message
    > news:...
    > > Hi
    > >
    > > I'm trying to access an xml document outside my site root to do some
    > > manipulation and I'm getting an error (on the while statement):
    > >
    > > The remote server returned an error: (401) Unauthorized.
    > >
    > > I guess this is because I don't have permissions on the file but I've been
    > > trying to set credentials before the file access. Can any one see what I'm
    > > doing wrong - Heres my code:
    > > ------------------------------------
    > > WebClient oWebClient = new WebClient();
    > > oWebClient.Credentials = CredentialCache.DefaultCredentials;
    > >
    > > string sResource = docRecord.Filepath + docRecord.Filename;
    > > Stream oStream = oWebClient.OpenRead(sResource);
    > >
    > > StreamReader oSR = new StreamReader(oStream);
    > >
    > > // create an instance of the XmlDocument object
    > > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    > >
    > > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    > > while(oXmlRdr.Read()) {
    > > // ... xml manipulation
    > > }
    > >
    > > // close the object and free up memory
    > > oXmlRdr.Close();
    > > oStream.Close();
    > > -----------------------------------
    > > and corresponding web.config entry:
    > >
    > > <authentication mode = "Forms">
    > > <forms>
    > > <credentials passwordFormat = "Clear">
    > > <user name ="ianb" password = "******"/>
    > > </credentials>
    > > </forms>
    > > </authentication>
    > > <authorization>
    > > <deny users = "?"/>
    > > </authorization>
    > >
    > > ===============================
    > > I have also tried the following and got the same result:
    > > WebClient oWebClient = new WebClient();
    > > NetworkCredential oCred = new NetworkCredential("ianb", "******");
    > > oWebClient.Credentials = oCred;
    > > String strURL = "http://validURL/XMLPage.xml";
    > > Stream oStream = oWebClient.OpenRead(strURL);
    > > StreamReader oSR = new StreamReader(oStream);
    > >
    > > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    > > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    > >
    > > while(oXmlRdr.Read()) {
    > > // ... xml manipulation
    > > }
    > >
    > > // close the object and free up memory
    > > oXmlRdr.Close();
    > > oStream.Close();
    > > -------------------------------------
    > > I would prefer to use the web.config option. Can anyone help me with this
    > >
    > > Thanks
    > >
    > > Ian B

    >
    >
    >
     
    Ianb, Jan 20, 2005
    #3
  4. Is the other site using Forms authentication as well? If so, you are going
    to have to do some extra work to authenticate with it.

    You will either need to screen scrape the logon screen to do the correct
    Form post to get the logon cookie, or you will need to configure things so
    that you can pass your ASP.NET forms authentication cookie to the other site
    directly.

    All this stuff having to do with DefaultCredentials and such only works with
    Windows authentication.

    Joe K.

    "Ianb" <> wrote in message
    news:...
    > Hi Joe
    >
    > Only in the form I've shown you in the second coding attempt... ie:
    > NetworkCredential oCred = new NetworkCredential("ianb", "******");
    > oWebClient.Credentials = oCred;
    >
    > is there another way to do this?
    >
    > Ian
    >
    > "Joe Kaplan (MVP - ADSI)" wrote:
    >
    >> Did you try supplying explicit credentials in the Credentials property
    >> instead of DefaultCredentials?
    >>
    >> Joe K.
    >>
    >> "Ianb" <> wrote in message
    >> news:...
    >> > Hi
    >> >
    >> > I'm trying to access an xml document outside my site root to do some
    >> > manipulation and I'm getting an error (on the while statement):
    >> >
    >> > The remote server returned an error: (401) Unauthorized.
    >> >
    >> > I guess this is because I don't have permissions on the file but I've
    >> > been
    >> > trying to set credentials before the file access. Can any one see what
    >> > I'm
    >> > doing wrong - Heres my code:
    >> > ------------------------------------
    >> > WebClient oWebClient = new WebClient();
    >> > oWebClient.Credentials = CredentialCache.DefaultCredentials;
    >> >
    >> > string sResource = docRecord.Filepath + docRecord.Filename;
    >> > Stream oStream = oWebClient.OpenRead(sResource);
    >> >
    >> > StreamReader oSR = new StreamReader(oStream);
    >> >
    >> > // create an instance of the XmlDocument object
    >> > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    >> >
    >> > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    >> > while(oXmlRdr.Read()) {
    >> > // ... xml manipulation
    >> > }
    >> >
    >> > // close the object and free up memory
    >> > oXmlRdr.Close();
    >> > oStream.Close();
    >> > -----------------------------------
    >> > and corresponding web.config entry:
    >> >
    >> > <authentication mode = "Forms">
    >> > <forms>
    >> > <credentials passwordFormat = "Clear">
    >> > <user name ="ianb" password = "******"/>
    >> > </credentials>
    >> > </forms>
    >> > </authentication>
    >> > <authorization>
    >> > <deny users = "?"/>
    >> > </authorization>
    >> >
    >> > ===============================
    >> > I have also tried the following and got the same result:
    >> > WebClient oWebClient = new WebClient();
    >> > NetworkCredential oCred = new NetworkCredential("ianb", "******");
    >> > oWebClient.Credentials = oCred;
    >> > String strURL = "http://validURL/XMLPage.xml";
    >> > Stream oStream = oWebClient.OpenRead(strURL);
    >> > StreamReader oSR = new StreamReader(oStream);
    >> >
    >> > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    >> > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    >> >
    >> > while(oXmlRdr.Read()) {
    >> > // ... xml manipulation
    >> > }
    >> >
    >> > // close the object and free up memory
    >> > oXmlRdr.Close();
    >> > oStream.Close();
    >> > -------------------------------------
    >> > I would prefer to use the web.config option. Can anyone help me with
    >> > this
    >> >
    >> > Thanks
    >> >
    >> > Ian B

    >>
    >>
    >>
     
    Joe Kaplan \(MVP - ADSI\), Jan 20, 2005
    #4
  5. Ianb

    Ianb Guest

    Hi Joe

    To clarify, I am trying to access a Word XML format document in a sharepoint
    library from a custom ASPX file in an excluded directory under the same
    sharepoint site.

    So I guess the sharepoint site is using the same web.config hense yes the
    other site is using forms authentication.

    The site uses windows authentication so (from what you are saying) I am
    heading the right way but I have some errors in my code.

    Ian

    "Joe Kaplan (MVP - ADSI)" wrote:

    > Is the other site using Forms authentication as well? If so, you are going
    > to have to do some extra work to authenticate with it.
    >
    > You will either need to screen scrape the logon screen to do the correct
    > Form post to get the logon cookie, or you will need to configure things so
    > that you can pass your ASP.NET forms authentication cookie to the other site
    > directly.
    >
    > All this stuff having to do with DefaultCredentials and such only works with
    > Windows authentication.
    >
    > Joe K.
    >
    > "Ianb" <> wrote in message
    > news:...
    > > Hi Joe
    > >
    > > Only in the form I've shown you in the second coding attempt... ie:
    > > NetworkCredential oCred = new NetworkCredential("ianb", "******");
    > > oWebClient.Credentials = oCred;
    > >
    > > is there another way to do this?
    > >
    > > Ian
    > >
    > > "Joe Kaplan (MVP - ADSI)" wrote:
    > >
    > >> Did you try supplying explicit credentials in the Credentials property
    > >> instead of DefaultCredentials?
    > >>
    > >> Joe K.
    > >>
    > >> "Ianb" <> wrote in message
    > >> news:...
    > >> > Hi
    > >> >
    > >> > I'm trying to access an xml document outside my site root to do some
    > >> > manipulation and I'm getting an error (on the while statement):
    > >> >
    > >> > The remote server returned an error: (401) Unauthorized.
    > >> >
    > >> > I guess this is because I don't have permissions on the file but I've
    > >> > been
    > >> > trying to set credentials before the file access. Can any one see what
    > >> > I'm
    > >> > doing wrong - Heres my code:
    > >> > ------------------------------------
    > >> > WebClient oWebClient = new WebClient();
    > >> > oWebClient.Credentials = CredentialCache.DefaultCredentials;
    > >> >
    > >> > string sResource = docRecord.Filepath + docRecord.Filename;
    > >> > Stream oStream = oWebClient.OpenRead(sResource);
    > >> >
    > >> > StreamReader oSR = new StreamReader(oStream);
    > >> >
    > >> > // create an instance of the XmlDocument object
    > >> > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    > >> >
    > >> > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    > >> > while(oXmlRdr.Read()) {
    > >> > // ... xml manipulation
    > >> > }
    > >> >
    > >> > // close the object and free up memory
    > >> > oXmlRdr.Close();
    > >> > oStream.Close();
    > >> > -----------------------------------
    > >> > and corresponding web.config entry:
    > >> >
    > >> > <authentication mode = "Forms">
    > >> > <forms>
    > >> > <credentials passwordFormat = "Clear">
    > >> > <user name ="ianb" password = "******"/>
    > >> > </credentials>
    > >> > </forms>
    > >> > </authentication>
    > >> > <authorization>
    > >> > <deny users = "?"/>
    > >> > </authorization>
    > >> >
    > >> > ===============================
    > >> > I have also tried the following and got the same result:
    > >> > WebClient oWebClient = new WebClient();
    > >> > NetworkCredential oCred = new NetworkCredential("ianb", "******");
    > >> > oWebClient.Credentials = oCred;
    > >> > String strURL = "http://validURL/XMLPage.xml";
    > >> > Stream oStream = oWebClient.OpenRead(strURL);
    > >> > StreamReader oSR = new StreamReader(oStream);
    > >> >
    > >> > XmlTextReader oXmlRdr = new XmlTextReader(oSR.ReadToEnd());
    > >> > oXmlRdr.WhitespaceHandling = WhitespaceHandling.None;
    > >> >
    > >> > while(oXmlRdr.Read()) {
    > >> > // ... xml manipulation
    > >> > }
    > >> >
    > >> > // close the object and free up memory
    > >> > oXmlRdr.Close();
    > >> > oStream.Close();
    > >> > -------------------------------------
    > >> > I would prefer to use the web.config option. Can anyone help me with
    > >> > this
    > >> >
    > >> > Thanks
    > >> >
    > >> > Ian B
    > >>
    > >>
    > >>

    >
    >
    >
     
    Ianb, Jan 20, 2005
    #5
  6. Ok,

    If the target file is on a SharePoint site, then it is almost certainly
    using Windows authentication, not Forms authentication. You should be able
    to tell by whether you are sent to a custom logon form when you first point
    your browser to it or whether the browser prompts you or logs you on
    automatically.

    If it is Windows authentication (which it should be), then you should be
    able to get the NetworkCredential approach to work. You might try adding a
    valid domain to your constructor:

    NetworkCredential oCred = new NetworkCredential("ianb", "******",
    "iansdomain");

    If that doesn't work, please provide more details and we'll see what we can
    do.

    Joe K.
    "Ianb" <> wrote in message
    news:...
    > Hi Joe
    >
    > To clarify, I am trying to access a Word XML format document in a
    > sharepoint
    > library from a custom ASPX file in an excluded directory under the same
    > sharepoint site.
    >
    > So I guess the sharepoint site is using the same web.config hense yes the
    > other site is using forms authentication.
    >
    > The site uses windows authentication so (from what you are saying) I am
    > heading the right way but I have some errors in my code.
    >
    > Ian
    >
     
    Joe Kaplan \(MVP - ADSI\), Jan 20, 2005
    #6
  7. Ianb

    Ianb Guest

    Good thinking but I'm still not winning. I put some exception trapping in and
    here is the response:
    System.Net.WebException: The remote server returned an error: (401)
    Unauthorized. at System.Net.HttpWebRequest.CheckFinalStatus() at
    System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) at
    System.Net.HttpWebRequest.GetResponse() at
    System.Xml.XmlDownloadManager.GetNonFileStream(Uri uri, ICredentials
    credentials) at System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials
    credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String
    role, Type ofObjectToReturn) at System.Xml.XmlTextReader.CreateScanner() at
    System.Xml.XmlTextReader.Init() at System.Xml.XmlTextReader.Read() at
    ASP.DocumentBuilder_aspx.Page_Load() in
    D:\Inetpub\wwwroot\WorkSQE\scripts\DocumentBuilder.aspx:line 58


    Ian

    "Joe Kaplan (MVP - ADSI)" wrote:

    > Ok,
    >
    > If the target file is on a SharePoint site, then it is almost certainly
    > using Windows authentication, not Forms authentication. You should be able
    > to tell by whether you are sent to a custom logon form when you first point
    > your browser to it or whether the browser prompts you or logs you on
    > automatically.
    >
    > If it is Windows authentication (which it should be), then you should be
    > able to get the NetworkCredential approach to work. You might try adding a
    > valid domain to your constructor:
    >
    > NetworkCredential oCred = new NetworkCredential("ianb", "******",
    > "iansdomain");
    >
    > If that doesn't work, please provide more details and we'll see what we can
    > do.
    >
    > Joe K.
    > "Ianb" <> wrote in message
    > news:...
    > > Hi Joe
    > >
    > > To clarify, I am trying to access a Word XML format document in a
    > > sharepoint
    > > library from a custom ASPX file in an excluded directory under the same
    > > sharepoint site.
    > >
    > > So I guess the sharepoint site is using the same web.config hense yes the
    > > other site is using forms authentication.
    > >
    > > The site uses windows authentication so (from what you are saying) I am
    > > heading the right way but I have some errors in my code.
    > >
    > > Ian
    > >

    >
    >
    >
     
    Ianb, Jan 20, 2005
    #7
  8. The trick to this is going to be figuring out what credentials you need to
    access the SharePoint server and then pass those in the correct format. I
    suggest setting IE to always prompt for Windows Integrated authentication
    and then make sure you pass the same stuff in your WebRequest via the
    Credentials property. WebRequest is really just doing what the browser is
    doing, so your goal is to make sure you can simulate that properly.

    I'm not sure what else I can tell you without having more details about how
    the authentication with SharePoint is working.

    Joe K.

    "Ianb" <> wrote in message
    news:...
    > Good thinking but I'm still not winning. I put some exception trapping in
    > and
    > here is the response:
    > System.Net.WebException: The remote server returned an error: (401)
    > Unauthorized. at System.Net.HttpWebRequest.CheckFinalStatus() at
    > System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) at
    > System.Net.HttpWebRequest.GetResponse() at
    > System.Xml.XmlDownloadManager.GetNonFileStream(Uri uri, ICredentials
    > credentials) at System.Xml.XmlDownloadManager.GetStream(Uri uri,
    > ICredentials
    > credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri,
    > String
    > role, Type ofObjectToReturn) at System.Xml.XmlTextReader.CreateScanner()
    > at
    > System.Xml.XmlTextReader.Init() at System.Xml.XmlTextReader.Read() at
    > ASP.DocumentBuilder_aspx.Page_Load() in
    > D:\Inetpub\wwwroot\WorkSQE\scripts\DocumentBuilder.aspx:line 58
    >
    >
    > Ian
     
    Joe Kaplan \(MVP - ADSI\), Jan 21, 2005
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Craig Deelsnyder

    Re: Pass Basic Auth. credentials to remote site?

    Craig Deelsnyder, Jul 21, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    671
    Craig Deelsnyder
    Jul 21, 2004
  2. Andy Klare

    File.Move() using different credentials?

    Andy Klare, Nov 30, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    772
    Andy Klare
    Nov 30, 2006
  3. Olli Plough
    Replies:
    2
    Views:
    251
    Martin Gregorie
    Dec 1, 2007
  4. Ianb

    Access remote xml file using Credentials

    Ianb, Jan 20, 2005, in forum: ASP .Net Security
    Replies:
    0
    Views:
    142
  5. Sandworth Meb
    Replies:
    0
    Views:
    127
    Sandworth Meb
    Aug 29, 2009
Loading...

Share This Page