(KeepAlive = false) == 401 ACCESS DENIED!!

[Mark Shaw]

We are building a consumer product that relies heavily on Web Webservices.

To eleimate the 'Error Ocurred On Send/Receive' error, we overode the
GetWebRequest() method of the Reference.cs class for our WebService. This
worked great!!

NOW, for some reason I'm receiving 401 errors.

If I set KeepAlive = true, BINGO! no access denied errors.

/*** Credentials Code ***/
Appsrv.Services appSrvs = new TESTBED.Appsrv.Services();
string appSrvAuthMethod = "Negotiate";
Uri appSrvsUri = new Uri(appSrvs.Url);

CredentialCache credCache = new CredentialCache();
NetworkCredential cred = new NetworkCredential("user", "password",
"domain");

credCache.Add(appSrvsUri, appSrvAuthMethod, cred);
appSrvs.Credentials = credCache;

/*** Web Services Code *** /
protected override WebRequest GetWebRequest(Uri uri)
{
HttpWebRequest webRequest = (HttpWebRequest) base.GetWebRequest(uri);
webRequest.KeepAlive = false;

return webRequest;
}

 

[Feroze [MSFT]]

Your webservice might have authentication enabled (eg: NTLM and/or
Integrated WIndows). For this to work, you require KeepAlive to be enabled.

--
Remove "user" from the email address to reply to the author.

This posting is provided "AS IS" with no warranties, and confers no rights

Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

 

[Mark Shaw]

Thanks for your quick response!!

IIS: Security is set to 'Integrated Windows' and 'Anonymous Access' is
disabled. Web Services Config: Authentication mode is set to 'Windows'

So in order to utilize this ability to pass Credentials to the WebRequest, I
need to have WebRequest.KeepAlive == true?

Unfortunate, since WebRequest.KeepAlive == true was the only statement that
was preventing the 'error on send/receive'.

If keeping WebRequest.KeepAlive == true is my only option to authenticate
pass a firewall, do you have any suggestions with the 'error on
send/receive' issue.

NOTE: Our product is receiving HIGH visibilty from the manufacturing sector.
Our core product is built on .NET technologies and this product is a bolt on
product to a major manufacturing software suite.

 

[Feroze [MSFT]]

I dont understand your question. Are you saying that you are getting
"Unexpected error occured on a receive" , with KeepAlive=true ?

Your original post said that if you disable KeepAlive on the webrequest,
that you got 401 access denied from the server. As I said, if you are using
Integrated Windows Authentication as a method for authenticating the client,
then it requires a keep-alive connection in order for the authentication
handshake to succeed.

If you absolutely want to disable keep-alive, then you must go with some
other method of authentication, eg: basic over SSL, or digest.

Why do you want to disable Keep-ALive ? Is it because you are going through
a proxy and/or you do not want authenticated connections to be shared with
non-authenticated clients ?

Note that by default, HttpWebRequest will close the connection after every
request if the authenticated connection was negotiated using NTLM/Negotiate
(these are the protocols used in the integrated authentication scenario). If
you want to keep the authenticated connection alive across multiple
requests, you can set "request.UnsafeAuthenticatedConnectionSharing = true".
Or if you want to partition authenticated connections among multiple
requests, you can use the "ConnectionGroupName" property.

If these do not help, please give more data on exactly what problem you are
having.

--
Remove "user" from the email address to reply to the author.

This posting is provided "AS IS" with no warranties, and confers no rights

Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm