Does HttpWebRequest.PreAuthenticate cache proxy credentials RRS feed

  • Question

  • This excellent article provides a good explanation of what the WebRequest.PreAuthenticate property actually does in terms of caching authentication credentials.

    The takeaway is that, by setting the PreAuthenticate property to true, an application would only have to prompt the user once for his credentials.  Upon receiving an initial HTTP 401 response challenge, it would set the request's Credentials property with the credentials obtained from the user, and then retry the request.  Thereafter, .NET will cache the credentials internally and automatically use them for future requests to the same server.

    So an application does not need to store credentials itself (e.g., using a CredentialCache), because .NET is already doing that for you.

    However, the article focuses on handling HTTP 401 UNAUTHORIZED responses from the destination server.  What about HTTP 407 PROXY AUTHENTICATION REQUIRED responses from a proxy server that may exist between the client and the destination server.? Does PreAuthenticate cache credentials set on the Proxy.Credentials property of proxy objects?  Is there a way to do this?

    • Edited by nrcaliendo Monday, September 19, 2016 1:47 AM
    Sunday, September 18, 2016 7:37 PM


  • Hi nrcaliendo,

    Thank you for posting here.

    For your question, PreAuthenticate could not cache credentials set on the Proxy.Credentials property of proxy objects.

    PreAuthenticate and Uri are bound.

    After a client request to a specific Uri is successfully authenticated, if PreAuthenticate is true and credentials are supplied, the Authorization header is sent with each request to any Uri that matches the specific Uri up to the last forward slash. However the proxy could not do that.

    For more details about HttpWebRequest.PreAuthenticate Property, please refer to the link.

    PreAuthenticate won’t cache the proxy’s credential. So the workaround maybe:

    • Using defaultcredential for his proxy.
    • Hard code credential in his code when initializing his proxy.

    Here is an example about Proxy Authentication.

    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(URL); IWebProxy proxy = request.Proxy; if (proxy != null) { Console.WriteLine("Proxy: {0}", proxy.GetProxy(request.RequestUri)); } else { Console.WriteLine("Proxy is null; no proxy will be used"); } WebProxy myProxy = new WebProxy(); Uri newUri = new Uri(""); // Associate the newUri object to 'myProxy' object so that new myProxy settings can be set. myProxy.Address = newUri; // Create a NetworkCredential object and associate it with the // Proxy property of request object. myProxy.Credentials = new NetworkCredential("userName", "password"); request.Proxy = myProxy;

    For more details about Proxy Authentication, please refer to the link.

    I hope this would be helpful to you.

    If you have something else, please feel free to contact us.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, September 19, 2016 10:38 AM