locked
Exception executing AuthenticatedConnection.LogOn method RRS feed

  • Question

  • Hello,

    I am developing a "Web Service" gateway application for integrating with HealthVault.

    The app I am building will have a presentation layer using non .NET technology.

    We are building a .NET "Web Service" proxy / component / facade for accessing HealthVault data.

    I am able to redirect users to the Wildcat login page to receive a wctoken.

    However when I pass the wctoken to  the AuthenticatedConnection.LogOn  method I receive the following cryptic exception:

    An XML comment cannot contain '--', and '-' cannot be the last character. Line 5, position 41. 

    at System.Xml.XmlTextReaderImpl.Throw(Exception e)
    at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
    at System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res)
    at System.Xml.XmlTextReaderImpl.ParseCDataOrComment(XmlNodeType type, Int32& outStartPos, Int32& outEndPos)
    at System.Xml.XmlTextReaderImpl.ParseCDataOrComment(XmlNodeType type)
    at System.Xml.XmlTextReaderImpl.ParseComment()
    at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
    at System.Xml.XmlTextReaderImpl.Read()
    at System.Xml.XmlReader.ReadToFollowing(String name)
    at Microsoft.Health.SDKHelper.ReadUntil(XmlReader xmlReader, String elementName)
    at Microsoft.Health.HealthServiceRequest.HandleResponseStreamResult(Stream stream)
    at Microsoft.Health.AuthenticatedConnection.VerifyTicketWithShell(Guid appId, String ticket, CryptoHash sharedSecret)
    at Microsoft.Health.AuthenticatedConnection.LogOn(String passportTicket, Guid callingApplicationId, Uri healthServiceUrl)
    at HvProxyData.Dao.HvDao.GetSession(String wctoken) in C:\Documents and Settings\rseward\My Documents\Visual Studio 2005\Projects\HVProxyConnector\ProxyHvData\Dao\HvDao.cs:line 68
     I am using the HelloWorld AppId for this Web Service. I have installed the HelloWorld certificate.

    The HelloWorld application works fine for me in my development environment. However my Web Service Proxy always receives this exception after receiving the wctoken from a successful wildcat login.

    Some help with this would be appreciated.

    Wednesday, April 23, 2008 5:31 AM

Answers

  • For what you're doing, I would expect that you would be using offline mode, where the user authorizes the application once, and then you manage your own credentials to access your portal.  There's an offline sample in the sdk that explains how to use offline access.

     

    If you don't think that meets your needs, I'd like to understand better what the flow is for the user when the run the application. What pages do they hit in what order, what information do they enter, etc.

    Monday, April 28, 2008 6:34 PM
  • You are basically doing everything correct except one thing.  AuthenticatedConnection.LogOn() is intended to be used by thick-clients where they can't do redirection to the HealthVault logon page.  The parameter taken is actually the Live ID ticket rather than HealthVault token (WCToken).  To create a connection using the WCToken you have to do the following:

     

    Code Snippet

    WebApplicationCredential credential = new WebApplicationCredential(WebApplicationConfiguration.AppId, wcToken);

    AuthenticatedConnection connection = new AuthenticatedConnection(credential);

     

     

     

    From here on you can use the AuthenticatedConnection instance as usual.

     

    Jeff Jones

     

     

    Tuesday, April 29, 2008 4:49 PM

All replies

  • Can you explain a bit more about the various parts of your application - how they operate, whether they run as online or offline applications, etc.?

     

    That will help us figure out how to advise you.

    Friday, April 25, 2008 9:07 PM
  • The application we are building is an Online application. The web service component is providing data to a web front end built using PHP.

    The code snippet where the exception is being thrown is as follows:

    AuthenticatedConnection conn = AuthenticatedConnection.LogOn(wctoken, WebApplicationConfiguration.AppId, WebApplicationConfiguration.HealthServiceUrl);

    wctoken is the base 64 encoded token received from Windows Live / Passport. In other words the wctoken parmeter passed back to HealthVault applications in the post login URL.

    Please let me know if you need more detailed  information than this to assist us.


    Thank you,
    Rob
    Saturday, April 26, 2008 2:58 AM
  • For what you're doing, I would expect that you would be using offline mode, where the user authorizes the application once, and then you manage your own credentials to access your portal.  There's an offline sample in the sdk that explains how to use offline access.

     

    If you don't think that meets your needs, I'd like to understand better what the flow is for the user when the run the application. What pages do they hit in what order, what information do they enter, etc.

    Monday, April 28, 2008 6:34 PM
  • Hello Eric,

    This is the ideal page flow we would like to have.

    We would like the user to login using their Windows Live ID credientials. Our PHP app will re-direct the user to login. After the login is complete the user will be redirected back to our PHP app. This all happens as it should and we receive a wctoken as expected.

    The PHP App then calls the .NET Web Service component to gather HealthVault data to display. We will allow the user to view / edit a large amount of HealthVault data  much like the HealthAndFitness  sample. The .NET Web Service component is resposible for caching / manipulating the HealthVault data.

    The exception occurs when we try to pass the wctoken to the LogOn method. Thus our .NET Web Service component is unable to access the user's HV data.

    The PHP App renders the HV data onto web pages for the HV user to use.

    Let me know if you need more specific information to  resolve this issue.

    I have seen the WildcatPage.cs source that was released recently. The source for HealthServicePage does not seem to have an example of using the LogOn method. I found the examples (although out of date) in the HealthVaultDevelopersGuide.xps (revision 9/26/07)

    Thank you,
    Rob
    Monday, April 28, 2008 7:08 PM
  • You are basically doing everything correct except one thing.  AuthenticatedConnection.LogOn() is intended to be used by thick-clients where they can't do redirection to the HealthVault logon page.  The parameter taken is actually the Live ID ticket rather than HealthVault token (WCToken).  To create a connection using the WCToken you have to do the following:

     

    Code Snippet

    WebApplicationCredential credential = new WebApplicationCredential(WebApplicationConfiguration.AppId, wcToken);

    AuthenticatedConnection connection = new AuthenticatedConnection(credential);

     

     

     

    From here on you can use the AuthenticatedConnection instance as usual.

     

    Jeff Jones

     

     

    Tuesday, April 29, 2008 4:49 PM