none
Passing SecurityCredentials in a web request using c# for a soap service RRS feed

  • Question

  • We have a SOAP based web service and we are able to read its wsdl when we type in the url in Browser. We sit behind a proxy in our network but its not blocking anything and we are always able to read wsdl using browser.But when we enter the url in Browser say `http://ist.services/CoreServices/coreservices?wsdl` it asks for username and password which is not same as my windows credentials. So when i enter the username and password shared by the dev team , it returns the wsdl page. Please note that this webservice is developed and deployed on java based server.

    How do i do the same in c#.net code and how do i pass the Security Crednetials in DiscoveryClientProtocol? I tried the below code which works for the webservices which doesn't ask for the Security credentials.

          // Specify the URL to discover.
                string sourceUrl = "http://ist.services/CoreServices/coreservices?wsdl";
                 
                string outputDirectory = "C:\\Temp";

                DiscoveryClientProtocol client = new DiscoveryClientProtocol();
                var credentials = new NetworkCredential("sunuser1", "xxxxxxx", "");
                
                WebProxy proxy = new WebProxy("http://proxy.bingo:8000/", true) { Credentials = credentials };

                   client.Credentials = credentials;
                // Use default credentials to access the URL being discovered.
                //client.Credentials = credentials;//CredentialCache.DefaultCredentials;
                client.Proxy = proxy;
                String DiscoverMode = "DiscoverAny";
                String ResolveMode = "ResolveAll";
                try
                {
                    DiscoveryDocument doc;
                    // Check to see if whether the user wanted to read in existing discovery results.
                    if (DiscoverMode == "ReadAll")
                    {
                        DiscoveryClientResultCollection results = client.ReadAll(Path.Combine("C:\\Temp", "results.discomap"));
                        //SaveMode.Value = "NoSave";
                    }
                    else
                    {
                        // Check to see if whether the user wants the capability to discover any kind of discoverable document.
                        if (DiscoverMode == "DiscoverAny")
                        {
                            doc = client.DiscoverAny(sourceUrl);
                        }
                        else
                        // Discover only discovery documents, which might contain references to other types of discoverable documents.
                        {
                            doc = client.Discover(sourceUrl);
                        }
                        // Check to see whether the user wants to resolve all possible references from the supplied URL.
                        if (ResolveMode == "ResolveAll")
                            client.ResolveAll();
                        else
                        {
                            // Check to see whether the user wants to resolve references nested more than one level deep.
                            if (ResolveMode == "ResolveOneLevel")
                                client.ResolveOneLevel();
                            else
                                Console.WriteLine("empty");
                        }
                    }
                }
                catch (Exception e2)
                {
                    //DiscoveryResultsGrid.Columns.Clear();
                    //Status.Text = e2.Message;
                    Console.WriteLine(e2.Message);
                }
                // If documents were discovered, display the results in a data grid.
                if (client.Documents.Count > 0)
                    Console.WriteLine(client);

            }
            }

    Since the code didn't help me much , i opened the fiddler to trace the http calls when i manual read the wsdl in browser and i see it takes the credentials i entered as "Authorization: Basic cGDFDdsfdfsdsfdsgsgfg=" . In fiddler i see three calls with responses 401,302 and 200. But in my c#.net code i don't get the 200 response  and it always throws me the 404 error.

    I further debugged this and in httpresponse of client object i see the flag status as `INVOCATION_FLAGS_INITIALIZED | INVOCATION_FLAGS_NEED_SECURITY`

    So looks like i need to pass the credentials as Security Credentials rather than Network credentials.

    Krrishna

    Wednesday, April 5, 2017 10:17 PM

Answers

  • Set .AllowAutoRedirect to true and it'll automatically process the 302 response code and go to the actual page content.
    • Marked as answer by Krrrishna Thursday, April 6, 2017 11:54 PM
    Thursday, April 6, 2017 10:35 PM

All replies

  • Take a look here for how to do basic authentication with WebClient class.
    Thursday, April 6, 2017 1:47 AM
  • Hi Krrrishna,

    Thank you for posting here.

    According to your question is more related to WCF, I will move it to Windows Communication Foundation, Serialization, and Networking forum for suitable support.

    The Visual C# discuss and ask the C# programming language, IDE, libraries, samples and tools.

    If you have some grammar or code errors, please feel free to contact us. We will try our best to give you a solution.

    Thanks for your understanding and cooperation.

    Best Regards,

    Wendy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.


    Thursday, April 6, 2017 6:01 AM
  •  

    Will it work if you try something like below?

               client.ClientCredentials.UserName.UserName = "";
               client.ClientCredentials.UserName.Password = "";

    >> We sit behind a proxy in our network

    In addition, there is a proxy between your client and service, I suggest you try to make a test without proxy in middle. I am not sure whether your proxy will miss the credentials.


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, April 6, 2017 7:58 AM
  • Humm... The webservice is Java based, so not related to WCF.
    Thursday, April 6, 2017 9:33 AM
  • So i cannot use DiscoveryClientProtocol  to achieve the same ? Because DiscoveryClientProtocol   doesnt have .ClientCredentials class?

    Krrishna

    Thursday, April 6, 2017 11:13 AM
  • Hi,

    client here is Web or httpClient object not the DiscoveryClientProtocol ?


    Krrishna

    Thursday, April 6, 2017 2:34 PM
  • The service id deployed by DevOps and we cannot bypass the proxy unfortunately.

    Krrishna

    Thursday, April 6, 2017 2:52 PM
  • Now i am able to authenticate and i get response  302 which i see in fiddler but i get the following message with exception 

    "The request failed with an empty response."
    
    
    There was an error downloading 'http://ist.services/CoreServices/coreservices?wsdl'.
       at System.Web.Services.Discovery.DiscoveryClientProtocol.Download(String& url
    , String& contentType)
       at System.Web.Services.Discovery.DiscoveryClientProtocol.DiscoverAny(String u
    rl)
     
    
     CredentialCache myCredentialCache = new CredentialCache { { new Uri(sourceUrl),
                        "Basic", networkCredential } };
                discoveryClientProtocol.PreAuthenticate = true;
                discoveryClientProtocol.Timeout = 1000000;
                discoveryClientProtocol.Credentials = myCredentialCache;
                discoveryClientProtocol.CookieContainer = new CookieContainer();


    Krrishna


    • Edited by Krrrishna Thursday, April 6, 2017 3:07 PM
    Thursday, April 6, 2017 3:03 PM
  • Set .AllowAutoRedirect to true and it'll automatically process the 302 response code and go to the actual page content.
    • Marked as answer by Krrrishna Thursday, April 6, 2017 11:54 PM
    Thursday, April 6, 2017 10:35 PM
  • Worked :-) 

    Thanks to each one of you experts who helped me with your answers.


    Krrishna

    Thursday, April 6, 2017 11:53 PM