.Net 2.0 issue with HttpWebRequest/Proxy breaking WebService

Discussion in 'ASP .Net' started by LarryKuperman, May 12, 2008.

  1. Our WebDev team seems to have found a problem that exposes a bug in .NET 2.0.
    This problem can be shown when trying to access a WebService using SSL and
    through a proxy server after using the HttpWebRequest object.

    Under normal circumstances I am able to use the webservice without any
    problems. But after using an HttpWebRequest object to make a call to a
    website
    all subsequent attempts to use the WebService will fail with a 401
    Unauthorized error. This problem appears to be directly related to when the
    Client's Internet Explorer settings are configured to use a Proxy server for
    http requests. If the settings for the proxy server are disabled everything
    works as expected.


    Server Configuration:
    Windows 2003 Server Service Pack 2
    IIS 6.0, Using SSL Port 443, Anonymous access disabled, using Integrated
    Windows Authentication
    ..Net 2.0

    Client:
    Windows XP Service Pack 2
    ..Net 2.0
    IE 7, configured to use a proxy server

    Below is sample code that can be used to reproduce the problem with a CSharp
    Windows Application.


    //PreRequisites: Webservice must be using SSL (https) and does
    not allow anoymous connections(using Integrated Windows Authentication)
    //Client's IE Settings requires http requests to go through a
    Proxy server. (If proxy is not enabled the below scenario works properly)

    //Create Web Service Object
    YourWebService webServiceObject = new YourWebService();

    //Set Credentials for Web Service
    webServiceObject.Credentials = new
    System.Net.NetworkCredential("username", "password", "domain");

    //Call a method from the Web Service. This Call works without
    any errors.
    object returnObject = webServiceObject.anyWebServiceMethod();

    //Create HttpWebRequest Object to any non secure web page
    HttpWebRequest webRequestObject =
    (HttpWebRequest)HttpWebRequest.Create("http://www.microsoft.com/");
    //Call GetResponse
    HttpWebResponse testRes =
    (HttpWebResponse)webRequestObject.GetResponse();

    //Call the same method from the Same Web Service Object. This
    call will fail.
    returnObject = webServiceObject.anyWebServiceMethod();

    //The Above call will fail with the following error
    //"The request failed with HTTP status 401: Unauthorized."

    //Sample Stack Trace of the error
    //at
    System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
    //at
    System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
    methodName, Object[] parameters)
    //at Proxy.[snip].Service.ValidateAccount(String email, String
    password, OperatingSystemInfo osInfo) in
    C:\Projects\Sandbox\CSharp\ProxyTest\Web References\[snip]\Reference.cs:line
    336
    //at Proxy.Form1.Form1_Load(Object sender, EventArgs e) in
    C:\Projects\Sandbox\CSharp\ProxyTest\Form1.cs:line 38
    //at System.Windows.Forms.Form.OnLoad(EventArgs e)
    //at System.Windows.Forms.Form.OnCreateControl()
    //at System.Windows.Forms.Control.CreateControl(Boolean
    fIgnoreVisible)
    //at System.Windows.Forms.Control.CreateControl()
    //at System.Windows.Forms.Control.WmShowWindow(Message& m)
    //at System.Windows.Forms.Control.WndProc(Message& m)
    //at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
    //at System.Windows.Forms.ContainerControl.WndProc(Message& m)
    //at System.Windows.Forms.Form.WmShowWindow(Message& m)
    //at System.Windows.Forms.Form.WndProc(Message& m)
    //at
    System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
    //at
    System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
    //at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
    hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
    //at System.Windows.Forms.SafeNativeMethods.ShowWindow(HandleRef
    hWnd, Int32 nCmdShow)
    //at System.Windows.Forms.Control.SetVisibleCore(Boolean value)
    //at System.Windows.Forms.Form.SetVisibleCore(Boolean value)
    //at System.Windows.Forms.Control.set_Visible(Boolean value)
    //at
    System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
    reason, ApplicationContext context)
    //at
    System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason,
    ApplicationContext context)
    //at System.Windows.Forms.Application.Run(Form mainForm)
    //at Proxy.Program.Main() in
    C:\Projects\Sandbox\CSharp\Proxy\Proxy\Program.cs:line 17
    //at System.AppDomain.nExecuteAssembly(Assembly assembly,
    String[] args)
    //at System.AppDomain.ExecuteAssembly(String assemblyFile,
    Evidence assemblySecurity, String[] args)
    //at
    Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
    //at System.Threading.ThreadHelper.ThreadStart_Context(Object
    state)
    //at System.Threading.ExecutionContext.Run(ExecutionContext
    executionContext, ContextCallback callback, Object state)
    //at System.Threading.ThreadHelper.ThreadStart()

    Please do not hesitate to contact me if you require any additional
    information or if you have a solution.


    --
    Larry Kuperman
    Global Account Manager
    Stardock- A Microsoft Gold Partner
     
    LarryKuperman, May 12, 2008
    #1
    1. Advertisements

  2. LarryKuperman

    bruce barker Guest

    iy looks like the proxy requires authenication (pretty much standard). you
    should supply proxy credentials to the webrequest.

    -- bruce (sqlwork.com)


    "LarryKuperman" wrote:

    > Our WebDev team seems to have found a problem that exposes a bug in .NET 2.0.
    > This problem can be shown when trying to access a WebService using SSL and
    > through a proxy server after using the HttpWebRequest object.
    >
    > Under normal circumstances I am able to use the webservice without any
    > problems. But after using an HttpWebRequest object to make a call to a
    > website
    > all subsequent attempts to use the WebService will fail with a 401
    > Unauthorized error. This problem appears to be directly related to when the
    > Client's Internet Explorer settings are configured to use a Proxy server for
    > http requests. If the settings for the proxy server are disabled everything
    > works as expected.
    >
    >
    > Server Configuration:
    > Windows 2003 Server Service Pack 2
    > IIS 6.0, Using SSL Port 443, Anonymous access disabled, using Integrated
    > Windows Authentication
    > .Net 2.0
    >
    > Client:
    > Windows XP Service Pack 2
    > .Net 2.0
    > IE 7, configured to use a proxy server
    >
    > Below is sample code that can be used to reproduce the problem with a CSharp
    > Windows Application.
    >
    >
    > //PreRequisites: Webservice must be using SSL (https) and does
    > not allow anoymous connections(using Integrated Windows Authentication)
    > //Client's IE Settings requires http requests to go through a
    > Proxy server. (If proxy is not enabled the below scenario works properly)
    >
    > //Create Web Service Object
    > YourWebService webServiceObject = new YourWebService();
    >
    > //Set Credentials for Web Service
    > webServiceObject.Credentials = new
    > System.Net.NetworkCredential("username", "password", "domain");
    >
    > //Call a method from the Web Service. This Call works without
    > any errors.
    > object returnObject = webServiceObject.anyWebServiceMethod();
    >
    > //Create HttpWebRequest Object to any non secure web page
    > HttpWebRequest webRequestObject =
    > (HttpWebRequest)HttpWebRequest.Create("http://www.microsoft.com/");
    > //Call GetResponse
    > HttpWebResponse testRes =
    > (HttpWebResponse)webRequestObject.GetResponse();
    >
    > //Call the same method from the Same Web Service Object. This
    > call will fail.
    > returnObject = webServiceObject.anyWebServiceMethod();
    >
    > //The Above call will fail with the following error
    > //"The request failed with HTTP status 401: Unauthorized."
    >
    > //Sample Stack Trace of the error
    > //at
    > System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
    > //at
    > System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
    > methodName, Object[] parameters)
    > //at Proxy.[snip].Service.ValidateAccount(String email, String
    > password, OperatingSystemInfo osInfo) in
    > C:\Projects\Sandbox\CSharp\ProxyTest\Web References\[snip]\Reference.cs:line
    > 336
    > //at Proxy.Form1.Form1_Load(Object sender, EventArgs e) in
    > C:\Projects\Sandbox\CSharp\ProxyTest\Form1.cs:line 38
    > //at System.Windows.Forms.Form.OnLoad(EventArgs e)
    > //at System.Windows.Forms.Form.OnCreateControl()
    > //at System.Windows.Forms.Control.CreateControl(Boolean
    > fIgnoreVisible)
    > //at System.Windows.Forms.Control.CreateControl()
    > //at System.Windows.Forms.Control.WmShowWindow(Message& m)
    > //at System.Windows.Forms.Control.WndProc(Message& m)
    > //at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
    > //at System.Windows.Forms.ContainerControl.WndProc(Message& m)
    > //at System.Windows.Forms.Form.WmShowWindow(Message& m)
    > //at System.Windows.Forms.Form.WndProc(Message& m)
    > //at
    > System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
    > //at
    > System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
    > //at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
    > hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
    > //at System.Windows.Forms.SafeNativeMethods.ShowWindow(HandleRef
    > hWnd, Int32 nCmdShow)
    > //at System.Windows.Forms.Control.SetVisibleCore(Boolean value)
    > //at System.Windows.Forms.Form.SetVisibleCore(Boolean value)
    > //at System.Windows.Forms.Control.set_Visible(Boolean value)
    > //at
    > System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
    > reason, ApplicationContext context)
    > //at
    > System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason,
    > ApplicationContext context)
    > //at System.Windows.Forms.Application.Run(Form mainForm)
    > //at Proxy.Program.Main() in
    > C:\Projects\Sandbox\CSharp\Proxy\Proxy\Program.cs:line 17
    > //at System.AppDomain.nExecuteAssembly(Assembly assembly,
    > String[] args)
    > //at System.AppDomain.ExecuteAssembly(String assemblyFile,
    > Evidence assemblySecurity, String[] args)
    > //at
    > Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
    > //at System.Threading.ThreadHelper.ThreadStart_Context(Object
    > state)
    > //at System.Threading.ExecutionContext.Run(ExecutionContext
    > executionContext, ContextCallback callback, Object state)
    > //at System.Threading.ThreadHelper.ThreadStart()
    >
    > Please do not hesitate to contact me if you require any additional
    > information or if you have a solution.
    >
    >
    > --
    > Larry Kuperman
    > Global Account Manager
    > Stardock- A Microsoft Gold Partner
     
    bruce barker, May 13, 2008
    #2
    1. Advertisements

  3. Hi, Bruce and thanks for your reply. We are using this as a workaround, but
    it doesn't really solve the issue.

    Under normal circumstances we are able to use the webservice without any
    problems. But after using an HttpWebRequest object to make a call to a
    website
    all subsequent attempts to use the WebService will fail with a 401
    Unauthorized error.

    So, initially the .Net framework is setting the proxy for you. But after
    using a WebRequest the Proxy settings for the WebService calls get removed
    and thus need to be set manually.

    We are still seeking a solution.
    --
    Larry Kuperman
    Global Account Manager
    Stardock- A Microsoft Gold Partner


    "bruce barker" wrote:

    > iy looks like the proxy requires authenication (pretty much standard). you
    > should supply proxy credentials to the webrequest.
    >
    > -- bruce (sqlwork.com)
    >
    >
    > "LarryKuperman" wrote:
    >
    > > Our WebDev team seems to have found a problem that exposes a bug in .NET 2.0.
    > > This problem can be shown when trying to access a WebService using SSL and
    > > through a proxy server after using the HttpWebRequest object.
    > >
    > > Under normal circumstances I am able to use the webservice without any
    > > problems. But after using an HttpWebRequest object to make a call to a
    > > website
    > > all subsequent attempts to use the WebService will fail with a 401
    > > Unauthorized error. This problem appears to be directly related to when the
    > > Client's Internet Explorer settings are configured to use a Proxy server for
    > > http requests. If the settings for the proxy server are disabled everything
    > > works as expected.
    > >
    > >
    > > Server Configuration:
    > > Windows 2003 Server Service Pack 2
    > > IIS 6.0, Using SSL Port 443, Anonymous access disabled, using Integrated
    > > Windows Authentication
    > > .Net 2.0
    > >
    > > Client:
    > > Windows XP Service Pack 2
    > > .Net 2.0
    > > IE 7, configured to use a proxy server
    > >
    > > Below is sample code that can be used to reproduce the problem with a CSharp
    > > Windows Application.
    > >
    > >
    > > //PreRequisites: Webservice must be using SSL (https) and does
    > > not allow anoymous connections(using Integrated Windows Authentication)
    > > //Client's IE Settings requires http requests to go through a
    > > Proxy server. (If proxy is not enabled the below scenario works properly)
    > >
    > > //Create Web Service Object
    > > YourWebService webServiceObject = new YourWebService();
    > >
    > > //Set Credentials for Web Service
    > > webServiceObject.Credentials = new
    > > System.Net.NetworkCredential("username", "password", "domain");
    > >
    > > //Call a method from the Web Service. This Call works without
    > > any errors.
    > > object returnObject = webServiceObject.anyWebServiceMethod();
    > >
    > > //Create HttpWebRequest Object to any non secure web page
    > > HttpWebRequest webRequestObject =
    > > (HttpWebRequest)HttpWebRequest.Create("http://www.microsoft.com/");
    > > //Call GetResponse
    > > HttpWebResponse testRes =
    > > (HttpWebResponse)webRequestObject.GetResponse();
    > >
    > > //Call the same method from the Same Web Service Object. This
    > > call will fail.
    > > returnObject = webServiceObject.anyWebServiceMethod();
    > >
    > > //The Above call will fail with the following error
    > > //"The request failed with HTTP status 401: Unauthorized."
    > >
    > > //Sample Stack Trace of the error
    > > //at
    > > System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
    > > //at
    > > System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
    > > methodName, Object[] parameters)
    > > //at Proxy.[snip].Service.ValidateAccount(String email, String
    > > password, OperatingSystemInfo osInfo) in
    > > C:\Projects\Sandbox\CSharp\ProxyTest\Web References\[snip]\Reference.cs:line
    > > 336
    > > //at Proxy.Form1.Form1_Load(Object sender, EventArgs e) in
    > > C:\Projects\Sandbox\CSharp\ProxyTest\Form1.cs:line 38
    > > //at System.Windows.Forms.Form.OnLoad(EventArgs e)
    > > //at System.Windows.Forms.Form.OnCreateControl()
    > > //at System.Windows.Forms.Control.CreateControl(Boolean
    > > fIgnoreVisible)
    > > //at System.Windows.Forms.Control.CreateControl()
    > > //at System.Windows.Forms.Control.WmShowWindow(Message& m)
    > > //at System.Windows.Forms.Control.WndProc(Message& m)
    > > //at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
    > > //at System.Windows.Forms.ContainerControl.WndProc(Message& m)
    > > //at System.Windows.Forms.Form.WmShowWindow(Message& m)
    > > //at System.Windows.Forms.Form.WndProc(Message& m)
    > > //at
    > > System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
    > > //at
    > > System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
    > > //at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
    > > hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
    > > //at System.Windows.Forms.SafeNativeMethods.ShowWindow(HandleRef
    > > hWnd, Int32 nCmdShow)
    > > //at System.Windows.Forms.Control.SetVisibleCore(Boolean value)
    > > //at System.Windows.Forms.Form.SetVisibleCore(Boolean value)
    > > //at System.Windows.Forms.Control.set_Visible(Boolean value)
    > > //at
    > > System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
    > > reason, ApplicationContext context)
    > > //at
    > > System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason,
    > > ApplicationContext context)
    > > //at System.Windows.Forms.Application.Run(Form mainForm)
    > > //at Proxy.Program.Main() in
    > > C:\Projects\Sandbox\CSharp\Proxy\Proxy\Program.cs:line 17
    > > //at System.AppDomain.nExecuteAssembly(Assembly assembly,
    > > String[] args)
    > > //at System.AppDomain.ExecuteAssembly(String assemblyFile,
    > > Evidence assemblySecurity, String[] args)
    > > //at
    > > Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
    > > //at System.Threading.ThreadHelper.ThreadStart_Context(Object
    > > state)
    > > //at System.Threading.ExecutionContext.Run(ExecutionContext
    > > executionContext, ContextCallback callback, Object state)
    > > //at System.Threading.ThreadHelper.ThreadStart()
    > >
    > > Please do not hesitate to contact me if you require any additional
    > > information or if you have a solution.
    > >
    > >
    > > --
    > > Larry Kuperman
    > > Global Account Manager
    > > Stardock- A Microsoft Gold Partner
     
    LarryKuperman, May 13, 2008
    #3
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Greg Reevosh via .NET 247

    Issue with System.Net.HttpWebRequest

    Greg Reevosh via .NET 247, Oct 17, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    4,930
    Feroze [msft]
    Oct 22, 2004
  2. Greg Reevosh via .NET 247

    Issue with System.Net.HttpWebRequest

    Greg Reevosh via .NET 247, Oct 31, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    571
    Greg Reevosh via .NET 247
    Oct 31, 2004
  3. Greg Reevosh via .NET 247

    Issue with System.Net.HttpWebRequest

    Greg Reevosh via .NET 247, Nov 17, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    711
    Feroze [msft]
    Nov 19, 2004
  4. Greg Reevosh via .NET 247

    Issue with System.Net.HttpWebRequest

    Greg Reevosh via .NET 247, Dec 22, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    543
    Greg Reevosh via .NET 247
    Dec 22, 2004
  5. Greg Reevosh via .NET 247

    Issue with System.Net.HttpWebRequest

    Greg Reevosh via .NET 247, Jan 23, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    544
    Greg Reevosh via .NET 247
    Jan 23, 2005
  6. Imran Aziz

    HttpWebRequest and proxy issues

    Imran Aziz, Aug 30, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    8,320
    Joerg Jooss
    Aug 31, 2005
  7. Amy
    Replies:
    0
    Views:
    685
  8. Martin
    Replies:
    1
    Views:
    453
    Martin
    Jan 5, 2007
Loading...