By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,967 Members | 1,554 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,967 IT Pros & Developers. It's quick & easy.

Cookie parsing problem

P: n/a
Hi everyone,

We developped a WebService with Visual Studio .Net and we faced an
authentication problem with a java client. My assumption is that this
is because cookies passed from client are misunderstood by the
framework.

Basically, these are the headers received from the client (I used a
packet sniffer to know exactly what we received from him before the
framework modifies it):
==========================*======================= =======*=
POST /webservices/csaccessservices.*asmx HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml,...(trunc*ated for clarity)
User-Agent: Axis/1.2.1
Cache-control: no-cache
Pragma: no-cache
SOAPAction: "http://cedrom-sni.com/schema/WhoAmI"
Content-Length: 308
Authorization: Basic Y253ZG5hMTNFXzE6Y253ZG5FMQ==
Cookie: ASP.NET_SessionId=xsigyd55n0nf*4q55kujvolzi
Cookie: IDENTITY=C2AC936CD45DE...(trun*cated for clarity)
==============================*=================== ========

and this is what I have when I look at the headers and server variables

when entering Application_BeginRequest method:
==============================*=================== ========
POST /webservices/csaccessservices.*asmx HTTP/1.0
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 308
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml,...(trunc*ated for clarity)
Authorization: Basic Y253ZG5hMTNFXzE6Y253ZG5FMQ==
Cookie: ASP.NET_SessionId=xsigyd55n0nf*4q55kujvolzi, IDENTITY=C2A...
User-Agent: Axis/1.2.1
SOAPAction: "http://cedrom-sni.com/schema/WhoAmI"
==============================*=================== ========

As you can see, cookies have been merged on a single line. If it
worked, I wouldn't care about it, but it isn't. When I look at
Context.Request.Cookies object provided by the framework, I see that
there is only one cookie! It's name is ASP.NET_SessionId (the first
cookie) and it's value is the IDENTITY-value (C2A...)!!! So it seems
like the framework doesn't parse correctly the cookies, but I don't
know why??? It doesn't see the second cookie but it takes the second
cookie's value and associate this value with the first cookie. This is
kind of weird!!!

When I ask for the value of
Context.Request.ServerVariable*s["HTTP_COOKIE"], the entire line is
returned.

I was able to reproduce this strange behavior by calling our webservice

using System.Net.WebRequest with a POST method. The cookies were on a
single line and separated by "," and they cookies were parsed by the
framework exactly the same way they are when called from java.

I know that if I call this webservice from a .Net client with
WebReferences it works well, but there is a slight difference between
the calls: cookies are separated by ";" instead of ",".

Any hint or help would be appreciated.

Thanks

Karl

Nov 23 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.