posting login credentials and __VIEWSTATE using HttpWebRequest fails

  • Thread starter msnews.microsoft.com
  • Start date
M

msnews.microsoft.com

I have been raking my brains on why this does not work. I get back the same
login screen again instead of the home page redirection which should occur
after a successful login:

'create a cookie container so it can be shared between requests
so that authentication can be maintained
Dim objCookieCont As New CookieContainer

'create request to get the __VIEWSTATE of Authorize.NET's
Logon.aspx page
Dim objRequest As HttpWebRequest =
WebRequest.Create("https://account.authorize.net/ui/themes/anet/Logon.aspx")
objRequest.CookieContainer = objCookieCont

'get initial Logon page
Dim objReader As New
IO.StreamReader(objRequest.GetResponse().GetResponseStream())
Dim strResponseString As String = objReader.ReadToEnd()
objReader.Close()

'parse page for VIEWSTATE value
Dim objRegEx As New Regex("__VIEWSTATE"" value="".*""")
Dim objMatch As Match = objRegEx.Match(strResponseString)
If Not objMatch.Success Then _
Throw New ApplicationException("Could not parse __VIEWSTATE
from Authorise.Net's Logon.aspx.")
Dim strViewState As String = objMatch.ToString
strViewState = strViewState.Replace("__VIEWSTATE"" value=", "")
strViewState = strViewState.Replace("""", "")

'create data posting
Dim objConfig As Specialized.NameValueCollection =
ConfigurationManager.GetSection("CreditCardTrans/Authorise.NET")
Dim strPostData As String =
String.Format("__VIEWSTATE={0}&MerchantLogin={1}&Password={2}",
strViewState, objConfig("Login"), objConfig("Password"))
strPostData = HttpUtility.UrlEncode(strPostData)

'create new request for credential submittion
objRequest =
WebRequest.Create("https://account.authorize.net/ui/themes/anet/Logon.aspx")
With objRequest
.CookieContainer = objCookieCont
.Method = "POST"
.ContentType = "application/x-www-form-urlencoded"
.ContentLength = strPostData.Length
End With

'add data post to request
Dim objWriter As New
IO.StreamWriter(objRequest.GetRequestStream())
objWriter.Write(strPostData)
objWriter.Close()

'get response
objReader = New
IO.StreamReader(objRequest.GetResponse().GetResponseStream())
strResponseString = objReader.ReadToEnd()
objReader.Close()
Response.Write(strResponseString)

What is strange is that the following html works (just to prove that this
site can be logged into) however I can not use it like this because I need
to do multiple followup calls after authentication which need to use the
same session cookie:

<form name="form1" method="post"
action="https://account.authorize.net/ui/themes/anet/Logon.aspx">
<input type="hidden" name="__VIEWSTATE"
value="dDw2ODc5MDg1MDk7dDw7bDxpPDA+O2k8MT47aTw3Pjs+O2w8dDxwPGw8VGV4dDs+O2w8QXV0aG9yaXplLk5FVCBXZWxjb21lOz4+Ozs+O3Q8O2w8aTwwPjs+O2w8dDw7bDxpPDA+Oz47bDx0PHA8cDxsPFZpc2libGU7PjtsPG88Zj47Pj47PjtsPGk8MT47aTwzPjtpPDU+O2k8Nj47PjtsPHQ8cDxsPGhyZWY7PjtsPC91aS90aGVtZXMvYW5ldC9sb2dvbi5hc3B4P3N1Yj1sb2dvdXQ7Pj47Oz47dDxwPGw8aHJlZjs+O2w8amF2YXNjcmlwdDogdmFyIHdpbiA9IHdpbmRvdy5vcGVuKCcvdWkvdGhlbWVzL2FuZXQvQ29udGFjdFVzL0ZlZWRiYWNrLmFzcHgnLCAnRmVlZGJhY2snLGNvbmZpZz0naGVpZ2h0PTUwMCx3aWR0aD03NTAsc2Nyb2xsYmFycz0wLCByZXNpemFibGU9MScpXDs7Pj47Oz47dDxwPGw8aHJlZjs+O2w8amF2YXNjcmlwdDogdmFyIHdpbiA9IHdpbmRvdy5vcGVuKCcvdWkvdGhlbWVzL2FuZXQvQ29udGFjdFVzL1N1cHBvcnQuYXNweCcsJ3N1cHBvcnQnLGNvbmZpZz0naGVpZ2h0PTUwMCx3aWR0aD03NTAsc2Nyb2xsYmFycz0wLCByZXNpemFibGU9MScpOz4+Ozs+O3Q8O2w8aTwxPjs+O2w8dDxwPGw8aHJlZjs+O2w8amF2YXNjcmlwdDp2YXIgd2luID0gd2luZG93Lm9wZW4oJy91aS90aGVtZXMvYW5ldC9Db250YWN0VXMvQ2hhdC5hc3B4JywnY2hhdCcsY29uZmlnPSdoZWlnaHQ9MzUwLHdpZHRoPTUwMCxzY3JvbGxiYXJzPTAsIHJlc2l6YWJsZT0xJylcOzs+Pjs7Pjs+Pjs+Pjs+Pjs+Pjt0PDtsPGk8MT47PjtsPHQ8cDxwPGw8VmlzaWJsZTs+O2w8bzxmPjs+Pjs+Ozs+Oz4+Oz4+Oz7rZCEFmJBwE1vGe4gpM1ANQ6UhNA=="
/>
<input type="hidden" name="MerchantLogin" value="username">
<input type="hidden" name="Password" value="password">
</form>
<script language="javascript">document.all.form1.submit();</script>

Here I hardcoded the viewstate taken from login page just to test.

Thanks
Perry
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top