Passing NetworkCredential to HttpWebRequest in C# from ASP.Net Page

Question

I'm trying to use HTTPWebRequest to access a web service, and am having problems passing credentials in, see code below. I can see the credentials object, nc, being built in the debugger, and also in the assignment to request.Credentials, but when I get to the last line of code it faults with a not authorized error message. I've had our server folks watch the request on the server, and there are no credentials being passed. Am I doing something wrong with the Credentials object, or is there something I need to do that I'm not doing here?

Uri requestUri = null;
Uri.TryCreate("https://mywebserver/webpage"), 
    UriKind.Absolute, out requestUri);

HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create
    (requestUri);

NetworkCredential nc =
    new NetworkCredential("user", "password");

request.Credentials = nc;

request.Method = WebRequestMethods.Http.Get;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();

Have you used Fiddler to see for yourself what you're passing? I dislike relying on server folks to evaluate things like this :) — JustLoren, Nov 05 '09 at 20:36
JustLoren - I didn't know about Fiddler until you posted this comment, I downloaded it and under the Auth tab it says No Proxy-Authorization Header is present. No Authorization Header is present, so I'm still thinking there is something wrong with my code. — Russ Clark, Nov 05 '09 at 21:26
Is there a reason you're not generating a proxy class to call an internal web service? — Ta01, Nov 09 '09 at 21:43
Yes, the service I'm calling is a REST service so there is no wsdl file. — Russ Clark, Nov 10 '09 at 13:17

score 14 · Answer 1 · answered Jun 04 '11 at 21:42

The NetworkCredentials are either extremely non-intuitive, or flaky, or both. Regardless, you can solve the issue by bypassing NetworkCredentials altogether and use this method (which I found, courtesy of mark.michaelis.net)

/* http://mark.michaelis.net/Blog/CallingWebServicesUsingBasicAuthentication.aspx */
byte[] credentialBuffer = new UTF8Encoding().GetBytes(username + ":" +password);
req.Headers["Authorization"] ="Basic " + Convert.ToBase64String(credentialBuffer);

So what you're doing is manually creating a header for your HttpWebRequest and inserting the content as it would appear in a Basic Authentication header. Works like a charm.

Excellent, this one worked, the accepted answer didn't work for me. — Justin Clarke, Mar 12 '14 at 10:23

score 2 · Accepted Answer · edited Nov 07 '16 at 23:19

2

Microsoft Premier Support finally helped me solve this problem by using the CredentialCache class to add the Credentials and the "Basic" authorization:

NetworkCredential nc =
    new NetworkCredential(GetSetting("username"), GetSetting("password"));
CredentialCache cache = new CredentialCache();

cache.Add(requestUri, "Basic", nc);

HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(requestUri);

edited Nov 07 '16 at 23:19

ahsteele

26,243
28
134
248

answered Dec 07 '09 at 14:07

Russ Clark

13,260
16
56
81

not using ss l , will the password will be transferred in clear text ? – Royi Namir Nov 20 '12 at 08:47

score 2 · Answer 3 · answered Aug 15 '19 at 12:30

2

It helped me (for Unity3d mono, not ASP.Net):

request.PreAuthenticate = true;

Do not need manual set Authorization header or use CredentialCache.

answered Aug 15 '19 at 12:30

Vladimir Pankov

377
3
8

Passing NetworkCredential to HttpWebRequest in C# from ASP.Net Page

3 Answers3

Linked