By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,333 Members | 1,843 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,333 IT Pros & Developers. It's quick & easy.

.NET based SOAP proxy and HTTP Basic Authentication

P: n/a

Hi,

I've created a small forms based application in c# to test a vendor's
product and the web service interface that it exposes. We have deployed two
instances of the vendor product one which has an unprotected (no
authentication) interface and one that is protected using HTTP basic
authentication.

I can invoke methods on the unprotected instance and everything's fine. When
I attempt to invoke methods on the protected instance the request sent in
response to the challenge from the server is truncated and has no message
body.

Ethereal trace below:

POST /ProvisionInterface HTTP/1.1
VsDebuggerCausalityData: <data snipped>
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
Protocol 1.1.4322.2032)
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.blug.com/wsdlUserExists"
Content-Length: 387
Expect: 100-continue
Connection: Keep-Alive
Host: 1.2.3.4:50000

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<UserExists xmlns="http://www.blug.com/wsdl">
<PublicID>
<id>te***@bt.co.uk</id>
<type>1</type>
</PublicID>
</UserExists>
</soap:Body>
</soap:Envelope>

HTTP/1.1 401 UNAUTHORIZED
WWW-Authenticate: Basic realm="ProvisionInterface"
cache-control: no-cache
content-length: 25
content-type: text/html
date: Thu, 22 Jun 2006 12:35:34 GMT
last-modified: Thu, 22 Jun 2006 12:35:34 GMT

POST /ProvisionInterface HTTP/1.1
VsDebuggerCausalityData: <data snipped>
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
Protocol 1.1.4322.2032)
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.blug.com/wsdlUserExists"
Authorization: Basic UFdTSToxMjM0
Content-Length: 387
Expect: 100-continue
Host: 1.2.3.4:50000

<*** message body missing/truncated ***>

The only means I know of influencing the authentication phase is by
attaching a NetworkCredential object to the SOAP proxy and the authentication
process is transparent to the application as far as I'm aware.

Has anyone else experienced this problem ?

Thanks,

Tony
Jun 23 '06 #1
Share this Question
Share on Google+
1 Reply


P: n/a
I've figured out what the problem was (for anyone else who's interested).

It appears that the vendor product is not responding to the
Expect:100-Continue header correctly (i.e. returning 417 Expectation Failed
to indicate it's not a supported feature) and so the SOAP proxy is waiting
for a 100 Continue provisional response prior to sending the message body.

The following line of code stops the SOAP proxy from adding this header to
the SOAP request:

System.Net.ServicePointManager.Expect100Continue = false;
Regards,

Tony

"Tony Stephens" wrote:

Hi,

I've created a small forms based application in c# to test a vendor's
product and the web service interface that it exposes. We have deployed two
instances of the vendor product one which has an unprotected (no
authentication) interface and one that is protected using HTTP basic
authentication.

I can invoke methods on the unprotected instance and everything's fine. When
I attempt to invoke methods on the protected instance the request sent in
response to the challenge from the server is truncated and has no message
body.

Ethereal trace below:

POST /ProvisionInterface HTTP/1.1
VsDebuggerCausalityData: <data snipped>
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
Protocol 1.1.4322.2032)
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.blug.com/wsdlUserExists"
Content-Length: 387
Expect: 100-continue
Connection: Keep-Alive
Host: 1.2.3.4:50000

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<UserExists xmlns="http://www.blug.com/wsdl">
<PublicID>
<id>te***@bt.co.uk</id>
<type>1</type>
</PublicID>
</UserExists>
</soap:Body>
</soap:Envelope>

HTTP/1.1 401 UNAUTHORIZED
WWW-Authenticate: Basic realm="ProvisionInterface"
cache-control: no-cache
content-length: 25
content-type: text/html
date: Thu, 22 Jun 2006 12:35:34 GMT
last-modified: Thu, 22 Jun 2006 12:35:34 GMT

POST /ProvisionInterface HTTP/1.1
VsDebuggerCausalityData: <data snipped>
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
Protocol 1.1.4322.2032)
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.blug.com/wsdlUserExists"
Authorization: Basic UFdTSToxMjM0
Content-Length: 387
Expect: 100-continue
Host: 1.2.3.4:50000

<*** message body missing/truncated ***>

The only means I know of influencing the authentication phase is by
attaching a NetworkCredential object to the SOAP proxy and the authentication
process is transparent to the application as far as I'm aware.

Has anyone else experienced this problem ?

Thanks,

Tony

Jun 23 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.