[Mono-list] HTTP Authentication with POST
Hubert FONGARNAND
hubertf-1@altern.org
Mon, 14 Mar 2005 16:17:03 +0100
I want to access a webservice on a IIS host. This webservice is protected with
basic HTTP authentication...
With a normal windows.NET client, it works perfectly, but with my mono svn
i got :
Description: Error processing request.
Error Message: HTTP 500.
Stack Trace:
System.NullReferenceException: Object reference not set to an instance of an
object
in <0x00103> System.Net.BasicClient:InternalAuthenticate
(System.Net.WebRequest webRequest, ICredentials credentials)
in <0x0005c> System.Net.BasicClient:Authenticate (System.String challenge,
System.Net.WebRequest webRequest, ICredentials credentials)
in <0x0011e> System.Net.AuthenticationManager:DoAuthenticate (System.String
challenge, System.Net.WebRequest request, ICredentials credentials)
in <0x00026> System.Net.AuthenticationManager:Authenticate (System.String
challenge, System.Net.WebRequest request, ICredentials credentials)
in <0x00104> System.Net.HttpWebRequest:CheckAuthorization
(System.Net.WebResponse response, HttpStatusCode code)
in (wrapper remoting-invoke-with-check)
System.Net.HttpWebRequest:CheckAuthorization
(System.Net.WebResponse,System.Net.HttpStatusCode)
in <0x000da> System.Net.HttpWebRequest:CheckFinalStatus
(System.Net.WebAsyncResult result)
in (wrapper remoting-invoke-with-check)
System.Net.HttpWebRequest:CheckFinalStatus (System.Net.WebAsyncResult)
in <0x000f2> System.Net.HttpWebRequest:EndGetResponse (IAsyncResult
asyncResult)
in <0x0005f> System.Net.HttpWebRequest:GetResponse ()
in <0x00053> System.Web.Services.Protocols.WebClientProtocol:GetWebResponse
(System.Net.WebRequest request)
in <0x00017>
System.Web.Services.Protocols.HttpWebClientProtocol:GetWebResponse
(System.Net.WebRequest request)
in <0x0015a> System.Web.Services.Protocols.SoapHttpClientProtocol:Invoke
(System.String method_name, System.Object[] parameters)
in <0x00087> FicheClient.ADServices.ADWS:GetIdentity (System.String logon,
System.String password, System.String domaine, Boolean RecursiveRoles,
System.Double executeTime)
in (wrapper remoting-invoke-with-check)
FicheClient.ADServices.ADWS:GetIdentity (string,string,string,bool,double&)
in <0x0028d> FicheClient.Logon:btnValider_Click (System.Object sender,
System.EventArgs e)
in (wrapper delegate-invoke)
System.MulticastDelegate:invoke_void_object_EventArgs
(object,System.EventArgs)
in <0x00069> System.Web.UI.WebControls.Button:OnClick (System.EventArgs e)
I've tried to capture the HTTP stream between my client and the server, I
obtain : (> : client to server, < : server to client)
>POST /adservicesinstall/adws.asmx HTTP/1.1
>User-Agent: Mono Web Services Client Protocol 1.1.4322.573
>SOAPAction: "http://tempuri.org/GetIdentity"
>Content-Type: text/xml; charset=utf-8
>Content-Length: 426
>Expect: 100-continue
>Host: 10.69.100.70
<HTTP/1.1 401 Unauthorized
<Content-Length: 1897
<Content-Type: text/html
<Server: Microsoft-IIS/6.0
<WWW-Authenticate: Negotiate
<WWW-Authenticate: NTLM
<WWW-Authenticate: Basic realm="DOMAINORACLE.local"
<X-Powered-By: ASP.NET
<Date: Mon, 14 Mar 2005 15:11:27 GMT
<<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
<"<http://www.w3.org/TR/html4/strict.dtd">
<<HTML><HEAD><TITLE>Vous n'.tes pas autoris. . afficher cette page</TITLE>
<<META HTTP-EQUIV="Content-Type" Content="text/html; charset=windows-1252">
<<STYLE type="text/css">
< BODY { font: 8pt/12pt verdana }
< H1 { font: 13pt/15pt verdana }
< H2 { font: 8pt/12pt verdana }
< A:link { color: red }
< A:visited { color: maroon }
<</STYLE>
[...]
</TD></TR></TABLE></BODY></HTML>
><?xml version="1.0" encoding="utf-8"?><soap:Envelope
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><GetIdentity
>xmlns="http://tempuri.org/"><logon>hubert</logon><password>....</password><domaine>DOMAINORACLE.local</domaine><RecursiveRoles>true</RecursiveRoles></GetIdentity></soap:Body></soap:Envelope>
Mono seems to ignore the authentication phase... and send the soap answer
without being authenticated...
Does somebody knows this problem...? It's very important...
Thanks
--
Hubert FONGARNAND
Fiducial IT
_______________________________________________
Ce message et les éventuels documents joints peuvent contenir des informations confidentielles.
Au cas où il ne vous serait pas destiné, nous vous remercions de bien vouloir le supprimer et en aviser immédiatement l'expéditeur. Toute utilisation de ce message non conforme à sa destination, toute diffusion ou publication, totale ou partielle et quel qu'en soit le moyen est formellement interdite.
Les communications sur internet n'étant pas sécurisées, l'intégrité de ce message n'est pas assurée et la société émettrice ne peut être tenue pour responsable de son contenu.