Re: HttpWebRequest and Forms Authentication
From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 10/22/04
- Previous message: Jorge Matos: "Re: HttpWebRequest and Forms Authentication"
- In reply to: Jorge Matos: "Re: HttpWebRequest and Forms Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 21 Oct 2004 21:15:08 -0500
I Agree with you as well. I missed the part about this being on the same
site and already having the cookie.
Fiddler is quite cool. I think you will find it quite useful.
Joe K.
"Jorge Matos" <JorgeMatos@discussions.microsoft.com> wrote in message
news:D545634D-3B7B-4722-A1F4-5B8E68C603F9@microsoft.com...
>I didn't know about Fiddler - gotta look into that. I disagree about the
> separate request though, if the user is already authenticated then you can
> programmatically access the Forms Auth Cookie that is already present as a
> header in the current request context, and since Matthew is hitting a web
> page that is already in the site this should work. I agree with you only
> if
> you are hitting an external web site that is using Forms Auth.
>
> "Joe Kaplan (MVP - ADSI)" wrote:
>
>> Before that, you will probably need to make a separate request to the
>> authentication page and post some credentials so that you can get the
>> cookie
>> value to begin with. It may be possible to hardcode a cookie value that
>> will work, but generally these things expire, so you'd probably need to
>> get
>> one dynamically. Use an HTTP debugger like Fiddler to see the exact
>> format
>> of the post so that you can replicate it in code.
>>
>> In general, forms auth is not well suited for screen scraping or web
>> services-type of authentication. However, you can do it if you really
>> want
>> to.
>>
>> Joe K.
>>
>> "Jorge Matos" <JorgeMatos@discussions.microsoft.com> wrote in message
>> news:5E2C9A0A-0A1F-43B2-A78C-B012657A9744@microsoft.com...
>> > You probably need to add the Forms Authentication cookie as a http
>> > header
>> > in
>> > your request to the other web page. The WebRequest type has a
>> > "headers"
>> > property that you can use to add the Forms Authentication cookie to -
>> > then
>> > when you make the request with the WebRequest object, your forms auth
>> > cookie
>> > will go along for the ride.
>> >
>> > hth
>> > Jorge
>> >
>> > "Matthew Judd" wrote:
>> >
>> >> I am using Forms Authentication on my site, this process mostly works
>> >> fine.
>> >> The problem I am having is that I have a page that uses an
>> >> HttpWebRequest
>> >> object to get the html generated from one of the aspx pages within my
>> >> site,
>> >> which it then emails to somebody. The problem I have with this is that
>> >> the
>> >> email gets the login page instead of the page I requested, because
>> >> when I
>> >> do
>> >> the WebRequest it gets sent to the forms authentication login page
>> >> that I
>> >> have specified. I need to be able to get my WebRequest to bypass the
>> >> forms
>> >> authentication for this request, but I do not know how. Any
>> >> suggestions
>> >> would
>> >> be appreciated.
>> >>
>> >> Matthew Judd
>>
>>
>>
- Previous message: Jorge Matos: "Re: HttpWebRequest and Forms Authentication"
- In reply to: Jorge Matos: "Re: HttpWebRequest and Forms Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
