.Net 2.0 issue with HttpWebRequest/Proxy breaking WebService

L

LarryKuperman

Our WebDev team seems to have found a problem that exposes a bug in .NET 2.0.
This problem can be shown when trying to access a WebService using SSL and
through a proxy server after using the HttpWebRequest object.

Under normal circumstances I am able to use the webservice without any
problems. But after using an HttpWebRequest object to make a call to a
website
all subsequent attempts to use the WebService will fail with a 401
Unauthorized error. This problem appears to be directly related to when the
Client's Internet Explorer settings are configured to use a Proxy server for
http requests. If the settings for the proxy server are disabled everything
works as expected.


Server Configuration:
Windows 2003 Server Service Pack 2
IIS 6.0, Using SSL Port 443, Anonymous access disabled, using Integrated
Windows Authentication
..Net 2.0

Client:
Windows XP Service Pack 2
..Net 2.0
IE 7, configured to use a proxy server

Below is sample code that can be used to reproduce the problem with a CSharp
Windows Application.


//PreRequisites: Webservice must be using SSL (https) and does
not allow anoymous connections(using Integrated Windows Authentication)
//Client's IE Settings requires http requests to go through a
Proxy server. (If proxy is not enabled the below scenario works properly)

//Create Web Service Object
YourWebService webServiceObject = new YourWebService();

//Set Credentials for Web Service
webServiceObject.Credentials = new
System.Net.NetworkCredential("username", "password", "domain");

//Call a method from the Web Service. This Call works without
any errors.
object returnObject = webServiceObject.anyWebServiceMethod();

//Create HttpWebRequest Object to any non secure web page
HttpWebRequest webRequestObject =
(HttpWebRequest)HttpWebRequest.Create("http://www.microsoft.com/");
//Call GetResponse
HttpWebResponse testRes =
(HttpWebResponse)webRequestObject.GetResponse();

//Call the same method from the Same Web Service Object. This
call will fail.
returnObject = webServiceObject.anyWebServiceMethod();

//The Above call will fail with the following error
//"The request failed with HTTP status 401: Unauthorized."

//Sample Stack Trace of the error
//at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
//at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
//at Proxy.[snip].Service.ValidateAccount(String email, String
password, OperatingSystemInfo osInfo) in
C:\Projects\Sandbox\CSharp\ProxyTest\Web References\[snip]\Reference.cs:line
336
//at Proxy.Form1.Form1_Load(Object sender, EventArgs e) in
C:\Projects\Sandbox\CSharp\ProxyTest\Form1.cs:line 38
//at System.Windows.Forms.Form.OnLoad(EventArgs e)
//at System.Windows.Forms.Form.OnCreateControl()
//at System.Windows.Forms.Control.CreateControl(Boolean
fIgnoreVisible)
//at System.Windows.Forms.Control.CreateControl()
//at System.Windows.Forms.Control.WmShowWindow(Message& m)
//at System.Windows.Forms.Control.WndProc(Message& m)
//at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
//at System.Windows.Forms.ContainerControl.WndProc(Message& m)
//at System.Windows.Forms.Form.WmShowWindow(Message& m)
//at System.Windows.Forms.Form.WndProc(Message& m)
//at
System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
//at
System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
//at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
//at System.Windows.Forms.SafeNativeMethods.ShowWindow(HandleRef
hWnd, Int32 nCmdShow)
//at System.Windows.Forms.Control.SetVisibleCore(Boolean value)
//at System.Windows.Forms.Form.SetVisibleCore(Boolean value)
//at System.Windows.Forms.Control.set_Visible(Boolean value)
//at
System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
reason, ApplicationContext context)
//at
System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason,
ApplicationContext context)
//at System.Windows.Forms.Application.Run(Form mainForm)
//at Proxy.Program.Main() in
C:\Projects\Sandbox\CSharp\Proxy\Proxy\Program.cs:line 17
//at System.AppDomain.nExecuteAssembly(Assembly assembly,
String[] args)
//at System.AppDomain.ExecuteAssembly(String assemblyFile,
Evidence assemblySecurity, String[] args)
//at
Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
//at System.Threading.ThreadHelper.ThreadStart_Context(Object
state)
//at System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state)
//at System.Threading.ThreadHelper.ThreadStart()

Please do not hesitate to contact me if you require any additional
information or if you have a solution.
 
B

bruce barker

iy looks like the proxy requires authenication (pretty much standard). you
should supply proxy credentials to the webrequest.

-- bruce (sqlwork.com)


LarryKuperman said:
Our WebDev team seems to have found a problem that exposes a bug in .NET 2.0.
This problem can be shown when trying to access a WebService using SSL and
through a proxy server after using the HttpWebRequest object.

Under normal circumstances I am able to use the webservice without any
problems. But after using an HttpWebRequest object to make a call to a
website
all subsequent attempts to use the WebService will fail with a 401
Unauthorized error. This problem appears to be directly related to when the
Client's Internet Explorer settings are configured to use a Proxy server for
http requests. If the settings for the proxy server are disabled everything
works as expected.


Server Configuration:
Windows 2003 Server Service Pack 2
IIS 6.0, Using SSL Port 443, Anonymous access disabled, using Integrated
Windows Authentication
.Net 2.0

Client:
Windows XP Service Pack 2
.Net 2.0
IE 7, configured to use a proxy server

Below is sample code that can be used to reproduce the problem with a CSharp
Windows Application.


//PreRequisites: Webservice must be using SSL (https) and does
not allow anoymous connections(using Integrated Windows Authentication)
//Client's IE Settings requires http requests to go through a
Proxy server. (If proxy is not enabled the below scenario works properly)

//Create Web Service Object
YourWebService webServiceObject = new YourWebService();

//Set Credentials for Web Service
webServiceObject.Credentials = new
System.Net.NetworkCredential("username", "password", "domain");

//Call a method from the Web Service. This Call works without
any errors.
object returnObject = webServiceObject.anyWebServiceMethod();

//Create HttpWebRequest Object to any non secure web page
HttpWebRequest webRequestObject =
(HttpWebRequest)HttpWebRequest.Create("http://www.microsoft.com/");
//Call GetResponse
HttpWebResponse testRes =
(HttpWebResponse)webRequestObject.GetResponse();

//Call the same method from the Same Web Service Object. This
call will fail.
returnObject = webServiceObject.anyWebServiceMethod();

//The Above call will fail with the following error
//"The request failed with HTTP status 401: Unauthorized."

//Sample Stack Trace of the error
//at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
//at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
//at Proxy.[snip].Service.ValidateAccount(String email, String
password, OperatingSystemInfo osInfo) in
C:\Projects\Sandbox\CSharp\ProxyTest\Web References\[snip]\Reference.cs:line
336
//at Proxy.Form1.Form1_Load(Object sender, EventArgs e) in
C:\Projects\Sandbox\CSharp\ProxyTest\Form1.cs:line 38
//at System.Windows.Forms.Form.OnLoad(EventArgs e)
//at System.Windows.Forms.Form.OnCreateControl()
//at System.Windows.Forms.Control.CreateControl(Boolean
fIgnoreVisible)
//at System.Windows.Forms.Control.CreateControl()
//at System.Windows.Forms.Control.WmShowWindow(Message& m)
//at System.Windows.Forms.Control.WndProc(Message& m)
//at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
//at System.Windows.Forms.ContainerControl.WndProc(Message& m)
//at System.Windows.Forms.Form.WmShowWindow(Message& m)
//at System.Windows.Forms.Form.WndProc(Message& m)
//at
System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
//at
System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
//at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
//at System.Windows.Forms.SafeNativeMethods.ShowWindow(HandleRef
hWnd, Int32 nCmdShow)
//at System.Windows.Forms.Control.SetVisibleCore(Boolean value)
//at System.Windows.Forms.Form.SetVisibleCore(Boolean value)
//at System.Windows.Forms.Control.set_Visible(Boolean value)
//at
System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
reason, ApplicationContext context)
//at
System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason,
ApplicationContext context)
//at System.Windows.Forms.Application.Run(Form mainForm)
//at Proxy.Program.Main() in
C:\Projects\Sandbox\CSharp\Proxy\Proxy\Program.cs:line 17
//at System.AppDomain.nExecuteAssembly(Assembly assembly,
String[] args)
//at System.AppDomain.ExecuteAssembly(String assemblyFile,
Evidence assemblySecurity, String[] args)
//at
Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
//at System.Threading.ThreadHelper.ThreadStart_Context(Object
state)
//at System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state)
//at System.Threading.ThreadHelper.ThreadStart()

Please do not hesitate to contact me if you require any additional
information or if you have a solution.
 
L

LarryKuperman

Hi, Bruce and thanks for your reply. We are using this as a workaround, but
it doesn't really solve the issue.

Under normal circumstances we are able to use the webservice without any
problems. But after using an HttpWebRequest object to make a call to a
website
all subsequent attempts to use the WebService will fail with a 401
Unauthorized error.

So, initially the .Net framework is setting the proxy for you. But after
using a WebRequest the Proxy settings for the WebService calls get removed
and thus need to be set manually.

We are still seeking a solution.
--
Larry Kuperman
Global Account Manager
Stardock- A Microsoft Gold Partner


bruce barker said:
iy looks like the proxy requires authenication (pretty much standard). you
should supply proxy credentials to the webrequest.

-- bruce (sqlwork.com)


LarryKuperman said:
Our WebDev team seems to have found a problem that exposes a bug in .NET 2.0.
This problem can be shown when trying to access a WebService using SSL and
through a proxy server after using the HttpWebRequest object.

Under normal circumstances I am able to use the webservice without any
problems. But after using an HttpWebRequest object to make a call to a
website
all subsequent attempts to use the WebService will fail with a 401
Unauthorized error. This problem appears to be directly related to when the
Client's Internet Explorer settings are configured to use a Proxy server for
http requests. If the settings for the proxy server are disabled everything
works as expected.


Server Configuration:
Windows 2003 Server Service Pack 2
IIS 6.0, Using SSL Port 443, Anonymous access disabled, using Integrated
Windows Authentication
.Net 2.0

Client:
Windows XP Service Pack 2
.Net 2.0
IE 7, configured to use a proxy server

Below is sample code that can be used to reproduce the problem with a CSharp
Windows Application.


//PreRequisites: Webservice must be using SSL (https) and does
not allow anoymous connections(using Integrated Windows Authentication)
//Client's IE Settings requires http requests to go through a
Proxy server. (If proxy is not enabled the below scenario works properly)

//Create Web Service Object
YourWebService webServiceObject = new YourWebService();

//Set Credentials for Web Service
webServiceObject.Credentials = new
System.Net.NetworkCredential("username", "password", "domain");

//Call a method from the Web Service. This Call works without
any errors.
object returnObject = webServiceObject.anyWebServiceMethod();

//Create HttpWebRequest Object to any non secure web page
HttpWebRequest webRequestObject =
(HttpWebRequest)HttpWebRequest.Create("http://www.microsoft.com/");
//Call GetResponse
HttpWebResponse testRes =
(HttpWebResponse)webRequestObject.GetResponse();

//Call the same method from the Same Web Service Object. This
call will fail.
returnObject = webServiceObject.anyWebServiceMethod();

//The Above call will fail with the following error
//"The request failed with HTTP status 401: Unauthorized."

//Sample Stack Trace of the error
//at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
//at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
//at Proxy.[snip].Service.ValidateAccount(String email, String
password, OperatingSystemInfo osInfo) in
C:\Projects\Sandbox\CSharp\ProxyTest\Web References\[snip]\Reference.cs:line
336
//at Proxy.Form1.Form1_Load(Object sender, EventArgs e) in
C:\Projects\Sandbox\CSharp\ProxyTest\Form1.cs:line 38
//at System.Windows.Forms.Form.OnLoad(EventArgs e)
//at System.Windows.Forms.Form.OnCreateControl()
//at System.Windows.Forms.Control.CreateControl(Boolean
fIgnoreVisible)
//at System.Windows.Forms.Control.CreateControl()
//at System.Windows.Forms.Control.WmShowWindow(Message& m)
//at System.Windows.Forms.Control.WndProc(Message& m)
//at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
//at System.Windows.Forms.ContainerControl.WndProc(Message& m)
//at System.Windows.Forms.Form.WmShowWindow(Message& m)
//at System.Windows.Forms.Form.WndProc(Message& m)
//at
System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
//at
System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
//at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
//at System.Windows.Forms.SafeNativeMethods.ShowWindow(HandleRef
hWnd, Int32 nCmdShow)
//at System.Windows.Forms.Control.SetVisibleCore(Boolean value)
//at System.Windows.Forms.Form.SetVisibleCore(Boolean value)
//at System.Windows.Forms.Control.set_Visible(Boolean value)
//at
System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
reason, ApplicationContext context)
//at
System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason,
ApplicationContext context)
//at System.Windows.Forms.Application.Run(Form mainForm)
//at Proxy.Program.Main() in
C:\Projects\Sandbox\CSharp\Proxy\Proxy\Program.cs:line 17
//at System.AppDomain.nExecuteAssembly(Assembly assembly,
String[] args)
//at System.AppDomain.ExecuteAssembly(String assemblyFile,
Evidence assemblySecurity, String[] args)
//at
Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
//at System.Threading.ThreadHelper.ThreadStart_Context(Object
state)
//at System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state)
//at System.Threading.ThreadHelper.ThreadStart()

Please do not hesitate to contact me if you require any additional
information or if you have a solution.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,731
Messages
2,569,432
Members
44,835
Latest member
KetoRushACVBuy

Latest Threads

Top