Httpwebrequest Not Passing Credentials

HttpWebRequest not passing Credentials

If your server uses NTLM authentication you may try this:

CredentialCache cc = new CredentialCache();
cc.Add(
new Uri("https://mywebserver/webpage"),
"NTLM",
new NetworkCredential("user", "password"));
request.Credentials = cc;

HttpWebRequest Authentication not working

Thank you to both Gusman and Prashant, your comments helped steer me in the correct direction and to eventual success. So Gusman, you were right, this wasn't just any authentication standard, it was using Window's IIS service. Googling how to do that with HttpWebRequest led me to building this:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Collections;
using System.Net;
using System.IO;

namespace AccessAPI
{
class Program
{
static void Main(string[] args)
{
string uri = "http://domain.name/";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
request.Method = "GET";
request.UseDefaultCredentials = false;
request.PreAuthenticate = true;
request.Credentials = new NetworkCredential("username", "password");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
StreamReader reader = new StreamReader(response.GetResponseStream());
Console.WriteLine(reader.ReadToEnd());
}
}
}

Now why this works while the other attempts didn't, I don't know. But the crux of it all seems to be based on just the line

request.Credentials = new NetworkCredential("username", "password");

Which, by the way, Prashant, works when I don't use the whole http://domain.name/, just like you said.
Well, hopefully if anyone else is having this exact same problem they'll be able to find this thread and figure things out.

C# Network credentials not being passed to server?

.NET's WebRequest has an infuriating default behavior where it only sends credentials after receiving an HTTP 401 Not Authorized response.

Manually adding the credentials header (as you've done) seems to be the best solution available.

More details in this post

Passing Credentials works for WebRequest but not for HttpClient

As noted here and here this behavior of HttpClient could be because of how HttpClientHandler is implemented.

"[..] the StartRequest method is executed in new thread with the credentials of the asp.net process (not the credentials of the impersonated user) [..]"

You might be seeing the difference in behavior of HttpClient and WebClient because

"HttpClient creates new threads
via the Task Factory. WebClient on the other hand, runs synchronously
on the same thread thereby forwarding its
credentials (i.e. the credentials of the impersonated user) ."

HttpWebRequest not passing Credentials simple form authentication

You say the website is using forms authentication, but your request is using basic authentication credentials:

request.Credentials = new NetworkCredential("username", "password");

You'll need to either switch the website to basic authentication, or perform a POST request against your login page to get the session cookie/token to use in subsequent requests.

Can I make HttpWebRequest include windows credentials without waiting for a 401 challenge?

Ntlm is a challenge/response based authentication protocol. You need to make the first request so that the server can issue the challenge then in the subsequent request the client sends the response to the challenge. The server then verifies this response with the domain controller by giving it the challenge and the response that the client sent.
Without knowing the challenge you can't send the response which is why 2 requests are needed.

Basic authentication is password based so you can short circuit this by sending the credentials with the first request but in my experience this can be a problem for some servers to handle.

More details available here:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa378749(v=vs.85).aspx



Related Topics



Leave a reply



Submit