Re: HttpWebRequest and Forms Authentication

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 10/21/04 

Date: Thu, 21 Oct 2004 16:37:46 -0500

Before that, you will probably need to make a separate request to the
authentication page and post some credentials so that you can get the cookie
value to begin with. It may be possible to hardcode a cookie value that
will work, but generally these things expire, so you'd probably need to get
one dynamically. Use an HTTP debugger like Fiddler to see the exact format
of the post so that you can replicate it in code.

In general, forms auth is not well suited for screen scraping or web
services-type of authentication. However, you can do it if you really want
to.

Joe K.

"Jorge Matos" <JorgeMatos@discussions.microsoft.com> wrote in message
news:5E2C9A0A-0A1F-43B2-A78C-B012657A9744@microsoft.com...
> You probably need to add the Forms Authentication cookie as a http header
> in
> your request to the other web page. The WebRequest type has a "headers"
> property that you can use to add the Forms Authentication cookie to - then
> when you make the request with the WebRequest object, your forms auth
> cookie
> will go along for the ride.
>
> hth
> Jorge
>
> "Matthew Judd" wrote:
>
>> I am using Forms Authentication on my site, this process mostly works
>> fine.
>> The problem I am having is that I have a page that uses an HttpWebRequest
>> object to get the html generated from one of the aspx pages within my
>> site,
>> which it then emails to somebody. The problem I have with this is that
>> the
>> email gets the login page instead of the page I requested, because when I
>> do
>> the WebRequest it gets sent to the forms authentication login page that I
>> have specified. I need to be able to get my WebRequest to bypass the
>> forms
>> authentication for this request, but I do not know how. Any suggestions
>> would
>> be appreciated.
>>
>> Matthew Judd

Relevant Pages

  • Re: Problem with Forms Authentication cookies
    ... > only 2, the ASP.NET_SessionID cookie and the Forms Authentication cookie, ... > The next request coming is is a GET request for the Forms Authentication ... > In looking at the logs for NORMAL expired authentication redirects these ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Forms Authentication problem with WebRequest
    ... The normal request will go like this: ... handles login, redirects to page.aspx, passes a cookie or url variable ... reqests page.aspx and sends cookie back to server ... - authenticating has nothing to do with this scenario, but with server authentication. ...
    (microsoft.public.dotnet.framework)
  • RE: Forms authentication cookie handling question (C#)
    ... I also replaced all of my ticket authentication code with the ... // Username and or password not found in our database... ... LoginControl's default code logic to generate authentication cookie. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: HttpWebRequest and Forms Authentication
    ... separate request though, if the user is already authenticated then you can ... you are hitting an external web site that is using Forms Auth. ... > authentication page and post some credentials so that you can get the cookie ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Forms Authentication
    ... The DNS entry for my domain was not set corrretly, ... This should have overcome the cookie ... authentication ticketis not correctly set to the domain your ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet)