How to modify the HTTP Header for a WebService in .NET 2.0

Discussion in 'ASP .Net' started by utnemisis51@gmail.com, Feb 15, 2006.

  1. Guest

    Hi,

    I'm trying to include some user credentials for accessing a remote
    webservice. The remote location requires that I use Basic
    authentication, which means, from browsing around, I need to include
    the user name and password in the HTTP header, but I'm not quite sure
    how to access the HTTP header that is sent with the webservice soap
    message request.

    Can anyone help?

    Thanks in Advance.

    Kevin
     
    , Feb 15, 2006
    #1
    1. Advertising

  2. You should be able to pass a NetworkCredential object to the webservice
    proxy that uses the specified user name, password, and domain and pass this
    with the request to the remote webservice. This would be added to the
    outbound header when the request is made.

    Have a read of this for an example.

    http://support.microsoft.com/kb/811318/EN-US/

    --
    Regards

    John Timney
    Microsoft MVP

    <> wrote in message
    news:...
    > Hi,
    >
    > I'm trying to include some user credentials for accessing a remote
    > webservice. The remote location requires that I use Basic
    > authentication, which means, from browsing around, I need to include
    > the user name and password in the HTTP header, but I'm not quite sure
    > how to access the HTTP header that is sent with the webservice soap
    > message request.
    >
    > Can anyone help?
    >
    > Thanks in Advance.
    >
    > Kevin
    >
     
    John Timney \( MVP \), Feb 15, 2006
    #2
    1. Advertising

  3. UT-BadBoy Guest

    I tried your suggestion, which I have used in the past to pass
    credentials. In this instance, I'm needing to send the credentials via
    the HTTP headers, not part of the soap headers. According to RFC 2617,
    the HTTP header should include "Authorization: Basic uid:password"
    format. Using the trace built into IIS I looked at the incomming
    request to the webservice to locate the header information and check if
    any credentials that I set was found within the header, but could not
    find any.

    this is the information in the HTTP header:

    Headers Collection
    Name Value
    Connection Keep-Alive
    Content-Length 4068
    Content-Type text/xml; charset=utf-8
    Expect 100-continue
    Host localhost
    User-Agent Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
    Protocol 2.0.50727.42)
    VsDebuggerCausalityData
    uIDPowZg+yq+Zv9BnmiKUtX0pxsBAAAANneykaH6Wky4N0BqGyE1RI8QHDH3KGRPmY2NJ9d7/egACAAA

    SOAPAction "http://tempuri.org/GetVersion"

    -----------------------------------------------------------------

    Here's a snippet of what code i used to set the network credentials.

    System.Net.NetworkCredential cred = new
    System.Net.NetworkCredential("user", "user");
    System.Net.CredentialCache cache = new
    System.Net.CredentialCache();
    cache.Add(new Uri("www.webservice.asmx"), "Basic",
    cred);
    webService.Credentials = cache;

    Am I going about this the wrong way?

    Thanks.
     
    UT-BadBoy, Feb 15, 2006
    #3
  4. Specifically for SOAP headers .NET lets you derive from the soap header
    class to pass authentication if the network credentials cant cut it. I've
    never tried it but it might be just what your after.

    Theres a simple example of it here in the quickstart:
    http://samples.gotdotnet.com/quickstart/aspplus/doc/secureservices.aspx

    and another worth reading at Code Project
    http://www.codeproject.com/cs/webservices/authforwebservices.asp

    Hope that helps


    --
    Regards

    John Timney
    Microsoft MVP

    "UT-BadBoy" <> wrote in message
    news:...
    >I tried your suggestion, which I have used in the past to pass
    > credentials. In this instance, I'm needing to send the credentials via
    > the HTTP headers, not part of the soap headers. According to RFC 2617,
    > the HTTP header should include "Authorization: Basic uid:password"
    > format. Using the trace built into IIS I looked at the incomming
    > request to the webservice to locate the header information and check if
    > any credentials that I set was found within the header, but could not
    > find any.
    >
    > this is the information in the HTTP header:
    >
    > Headers Collection
    > Name Value
    > Connection Keep-Alive
    > Content-Length 4068
    > Content-Type text/xml; charset=utf-8
    > Expect 100-continue
    > Host localhost
    > User-Agent Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
    > Protocol 2.0.50727.42)
    > VsDebuggerCausalityData
    > uIDPowZg+yq+Zv9BnmiKUtX0pxsBAAAANneykaH6Wky4N0BqGyE1RI8QHDH3KGRPmY2NJ9d7/egACAAA
    >
    > SOAPAction "http://tempuri.org/GetVersion"
    >
    > -----------------------------------------------------------------
    >
    > Here's a snippet of what code i used to set the network credentials.
    >
    > System.Net.NetworkCredential cred = new
    > System.Net.NetworkCredential("user", "user");
    > System.Net.CredentialCache cache = new
    > System.Net.CredentialCache();
    > cache.Add(new Uri("www.webservice.asmx"), "Basic",
    > cred);
    > webService.Credentials = cache;
    >
    > Am I going about this the wrong way?
    >
    > Thanks.
    >
     
    John Timney \( MVP \), Feb 16, 2006
    #4
  5. UT-BadBoy Guest

    Hi John,

    Thanks for the two links. They definately provided me with more
    information about the soap headers and how you can use the soap headers
    to place additional information for webservice requests. But
    unfortunately, the third party webservices that we are using require
    that we place the authentication strings within the
    HTTP Headers. Is there a way to implement this within the webservice
    or is this something I need to configure IIS to do when sending out
    requests?

    Thanks again.
     
    UT-BadBoy, Feb 21, 2006
    #5
  6. UT-BadBoy Guest

    Hi John,

    Thanks for the two links. They definately provided me with alot of
    information about the webservice soap headers but it seems in my
    situation that I need access to the HTTP Headers.
    The third pary webservices that we will use requires that we place the
    authentication credentials within the HTTP header's Authentication
    section.
    Is this some sort of configuration that I can set within the IIS?

    Thanks.
     
    UT-BadBoy, Feb 21, 2006
    #6
  7. The authentication property preauthenticate=true on your wsdl proxy should
    force the authentication headers into the http stack as opposed to the soap
    stack. I suspect this is what your actually after as it handles 401 status
    codes and deals with an http challenge during the actual request, thus
    authenticating the call at the http header level.

    http://msdn2.microsoft.com/en-us/li...tocols.webclientprotocol.preauthenticate.aspx

    Another MVP - Peter Bromberg has an excellent article on pre-authenticating
    web service requets and security. You should read it.
    http://www.eggheadcafe.com/articles/20051104.asp

    If this isn't what your looking for then you need to get a working example
    from the web service owner and base your solution on that.

    Hope I have helped!.

    Regards

    John Timney
    Microsoft MVP

    "UT-BadBoy" <> wrote in message
    news:...
    > Hi John,
    >
    > Thanks for the two links. They definately provided me with more
    > information about the soap headers and how you can use the soap headers
    > to place additional information for webservice requests. But
    > unfortunately, the third party webservices that we are using require
    > that we place the authentication strings within the
    > HTTP Headers. Is there a way to implement this within the webservice
    > or is this something I need to configure IIS to do when sending out
    > requests?
    >
    > Thanks again.
    >
     
    John Timney \( MVP \), Feb 21, 2006
    #7
  8. erics44

    Joined:
    Nov 26, 2009
    Messages:
    1
    Hi
    I know this is a very old thread but did it get a solution?

    I am having the same issue?

    Thanks in advance
     
    erics44, Jan 8, 2010
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vivek Mehta
    Replies:
    3
    Views:
    8,741
    Vivek Mehta
    Aug 12, 2004
  2. walter
    Replies:
    2
    Views:
    890
    walter
    Jul 21, 2008
  3. mlt
    Replies:
    2
    Views:
    906
    Jean-Marc Bourguet
    Jan 31, 2009
  4. Scott

    WebService To WebService HTTP Connection Limit

    Scott, Jan 31, 2006, in forum: ASP .Net Web Services
    Replies:
    1
    Views:
    698
    Scott
    Feb 1, 2006
  5. Nils

    Howto modify HTTP Headers in XML Webservice

    Nils, Feb 19, 2007, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    335
Loading...

Share This Page