401 Unauthorized RRS feed

  • Question

  • User-1142048758 posted

    I have a .NET Windows form application that sends an HTTP POST with a couple of form variables to a web service (RESTful based on Microsoft MVC). I'm getting a very strange behavior with authentication. The Windows form app passes the user's credentials to the web service. Here's how it goes:

    1) I start up the app, I click the button, the POST is sent, a proper JSON response is returned and all is happy. I can continue to POST to the web service successfully

    2) I shut down the application and restart. Click the button, post is sent, still get a 401 error.

    3) I shut down the application and restart again. Same thing happens.

    4) I restart IIS 7 (on a remote server running Windows Server 2008).

    5) Click the button again, it works until I shut down the app and run it again.

     So in a nutshell, I restart IIS 7, I can make one POST with credentials fine, after that I get a 401 error. Now I'm pretty sure this is something dumb I am doing, perhaps something I'm not closing? Sending a POST via FireFox works beautifully.

     My Client Code:

                 request.PreAuthenticate = true;
                request.Credentials = CredentialCache.DefaultCredentials;

                string result = string.Empty;
                using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
                    using (Stream responseStream = response.GetResponseStream())
                        using (StreamReader readStream = new StreamReader(responseStream, Encoding.UTF8))
                            result = readStream.ReadToEnd();
                    if (response != null)


    And I have :

        <authentication mode="Windows"/>
        <identity impersonate="true"/>

     in the Web.Config


    Can anyone help?


    Monday, November 10, 2008 4:38 PM


  • User372121194 posted


    From your description, I understand that the first request is fine, but it doesn't work at second time, right?

    The code looks fine. In your case, we can try to disable "Keep-Alives" for the HTTP.

    For more information, see http://www.west-wind.com/weblog/posts/51891.aspx


    I look forward to hearing from you.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, November 14, 2008 2:08 AM