Dear ASP.NET Programmers,
How can I post data to an ASP.NET login page and pass authentication? The
login page uses forms
authentication, users must supply usernames and password and have to click
on a submit button. I
want to automate this process by supplying values with HttpWebRequest and
then download a file on
the site. I think that I cannot invoke the submit button. Pleeeasee help,
thanks in advance
Dim myWebReq As HttpWebRequest
Dim myWebResp As HttpWebResponse
Dim encoding As New System.Text.ASCIIEncoding()
Dim postData As String
Dim data() As Byte
Dim sr As StreamReader
Dim sw As StreamWriter
postData += "txtUsername=b"
postData += "&"
postData += "txtPassword=k"
data = encoding.GetBytes(postData)
myWebReq =
WebRequest.Create("http://burak/database/medicalDocs/F325_fittoflyreport.asp
x")
myWebReq.Method = "POST"
myWebReq.ContentType = "application/x-www-form-urlencoded"
myWebReq.ContentLength = data.Length
Dim myStream As Stream = myWebReq.GetRequestStream()
myStream.Write(data, 0, data.Length)
myStream.Close()
myWebResp = myWebReq.GetResponse
sr = New StreamReader(myWebResp.GetResponseStream)
Dim strHTML As String = sr.ReadToEnd
sw = File.CreateText("d:\Downloads\1.htm")
sw.WriteLine(strHTML)
sw.Close()
Response.WriteFile("d:\Downloads\1.htm") 10 31921
"buran" <bu***@buran.com> wrote in message
news:OJ**************@TK2MSFTNGP09.phx.gbl... Dear ASP.NET Programmers,
How can I post data to an ASP.NET login page and pass authentication? The login page uses forms authentication, users must supply usernames and password and have to click on a submit button. I want to automate this process by supplying values with HttpWebRequest and then download a file on the site. I think that I cannot invoke the submit button. Pleeeasee help, thanks in advance
I could swear I answered this question before...
You are attempting to substitute code for a browser. Your code will have to
do what the browser would have done:
1) Browser attempts to reach a protected page, for instance, protected.aspx
2) Forms Authentication sees that the request does not include a Forms
Authentication Ticket in the proper cookie, so the server replies with a
"302 Page Moved" status, and a Location header pointing to the login page.
3) The browser requests the login page specified.
4) The server responds with the login page
5) The user fills in the login page and submits the form, so the browser
POSTs the form back to the login page
6) If the credentials are valid, the server responds with another "302 Page
Moved" status, a Location header pointing to protected.aspx, and a
Set-Cookie header providing the encrypted Forms Authentication Ticket.
7) The browser then requests protected.aspx, but this time supplies the
Forms Authentication Ticket in a Cookie header
8) Forms Authentication sees that the request includes a valid Forms
Authentication Ticket, so it permits the access. The server responds with
the protected page.
This is what your code will need to duplicate.
--
John Saunders
Internet Engineer jo***********@surfcontrol.com
Hi Buran.
I don't know if this is really VB.net related, but it can be.
If I understand you right you want to pass the authentication from a user
who is already once before logged in.
That is normaly done with a cookie, so why are you not using that.
I know how to do it with vb.script and JScript but I never did it with
vb.net.
When this is what you want and you want to do it using VB.net aspx.vb and
you cannot figured out how.
Message than tomorrow again.
Maybe I can help you then searching for the sollution.
I did not try it because I had the last days problems with my computer.
Cor
PS. post if it is a VB.net language problem with the subject "VB.net
language webform authentication problem" and only to this newsgroup.
Yes, that's what I want to do. I would be thankful if you helped me.
Thanks...
Buran
"Cor" <no*@non.com> wrote in message
news:3f***********************@reader21.wxs.nl... Hi Buran.
I don't know if this is really VB.net related, but it can be.
If I understand you right you want to pass the authentication from a user who is already once before logged in.
That is normaly done with a cookie, so why are you not using that.
I know how to do it with vb.script and JScript but I never did it with vb.net.
When this is what you want and you want to do it using VB.net aspx.vb and you cannot figured out how. Message than tomorrow again. Maybe I can help you then searching for the sollution.
I did not try it because I had the last days problems with my computer.
Cor
PS. post if it is a VB.net language problem with the subject "VB.net language webform authentication problem" and only to this newsgroup.
Hi Buran,
It is not difficult and it is vb.language code.
To test it:
Open in your VB IDE an ASP.Net web application
Drags 2 textboxes and one button on the form
past the code beneath in the "on load sub" from the code
\\\\
If Not IsPostBack Then
If Not Request.Cookies("buran") Is Nothing Then
Me.TextBox1.Text = Request.Cookies("buran")("user").ToString
Me.TextBox2.Text = Request.Cookies("buran")("pw").ToString
End If
Else
'Do something if the value of textbox1 "user" and texbox2 "pw"
are not correct.
Dim dt As DateTime = DateTime.Now()
Dim ts As New TimeSpan(80, 0, 0, 0) '80 days
(days,hours,minutes,seconds)
Response.Cookies("buran").Expires = dt.Add(ts)
Response.Cookies("buran")("user") = Me.TextBox1.Text
Response.Cookies("buran")("pw") = Me.TextBox2.Text
End If
////
Try it, for me it did work as I expected, I d'nt know if this is what you
need?.
To test it you have every time to delete the cookie or set it on 2 minutes
or so
I hope this helps,
Cor.
I am using following code but for no good. Maybe you can help me on this...
On the logindeneme.aspx page
Private Sub btnValidate_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles btnValidate.Click
If FormsAuthentication.Authenticate(txtUsername.Text,
txtPassword.Text) Then
Dim tkt As FormsAuthenticationTicket
Dim cookiestr As String
Dim ck As HttpCookie
tkt = New FormsAuthenticationTicket(txtUsername.Text, False,
120)
cookiestr = FormsAuthentication.Encrypt(tkt)
Session.Add("c", cookiestr)
ck = New HttpCookie(FormsAuthentication.FormsCookieName(),
cookiestr)
Response.Cookies.Add(ck)
Dim strRedirect As String
strRedirect = Request("ReturnURL")
If strRedirect <> "" Then
Response.Redirect(strRedirect, True)
Else
strRedirect = "logindeneme.aspx"
Response.Redirect(strRedirect, True)
End If
Else
lblMessage.Text = "Invalid username/password"
End If
End Sub
and then in the page where I am requesting the page to be downloaded..
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim myWebReq As HttpWebRequest
Dim myWebResp As HttpWebResponse
Dim strHTML As String
Dim c As New Cookie()
Dim sr As StreamReader
Dim sw As StreamWriter
Dim cc As New CookieContainer()
myWebReq = WebRequest.Create("http://burak/LoginDeneme/secret.aspx")
c.Name = FormsAuthentication.FormsCookieName()
c.Value = Session("c")
c.Domain = "http://burak/LoginDeneme"
cc.Add(c)
myWebReq.CookieContainer = cc
myWebResp = myWebReq.GetResponse
sr = New StreamReader(myWebResp.GetResponseStream)
strHTML = sr.ReadToEnd
sw = File.CreateText("d:\Downloads\1.htm")
sw.WriteLine(strHTML)
sw.Close()
Response.WriteFile("d:\Downloads\1.htm")
End Sub
What am I missing? Thank you very much for your help..
buran
"John Saunders" <jo***********@surfcontrol.com> wrote in message
news:es*************@TK2MSFTNGP12.phx.gbl... "buran" <bu***@buran.com> wrote in message news:OJ**************@TK2MSFTNGP09.phx.gbl... Dear ASP.NET Programmers,
How can I post data to an ASP.NET login page and pass authentication?
The login page uses forms authentication, users must supply usernames and password and have to
click on a submit button. I want to automate this process by supplying values with HttpWebRequest
and then download a file on the site. I think that I cannot invoke the submit button. Pleeeasee
help, thanks in advance I could swear I answered this question before...
You are attempting to substitute code for a browser. Your code will have
to do what the browser would have done:
1) Browser attempts to reach a protected page, for instance,
protected.aspx 2) Forms Authentication sees that the request does not include a Forms Authentication Ticket in the proper cookie, so the server replies with a "302 Page Moved" status, and a Location header pointing to the login page. 3) The browser requests the login page specified. 4) The server responds with the login page 5) The user fills in the login page and submits the form, so the browser POSTs the form back to the login page 6) If the credentials are valid, the server responds with another "302
Page Moved" status, a Location header pointing to protected.aspx, and a Set-Cookie header providing the encrypted Forms Authentication Ticket. 7) The browser then requests protected.aspx, but this time supplies the Forms Authentication Ticket in a Cookie header 8) Forms Authentication sees that the request includes a valid Forms Authentication Ticket, so it permits the access. The server responds with the protected page.
This is what your code will need to duplicate. -- John Saunders Internet Engineer jo***********@surfcontrol.com
I am using following code but for no good. Maybe you can help me on this...
On the logindeneme.aspx page
Private Sub btnValidate_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles btnValidate.Click
If FormsAuthentication.Authenticate(txtUsername.Text,
txtPassword.Text) Then
Dim tkt As FormsAuthenticationTicket
Dim cookiestr As String
Dim ck As HttpCookie
tkt = New FormsAuthenticationTicket(txtUsername.Text, False,
120)
cookiestr = FormsAuthentication.Encrypt(tkt)
Session.Add("c", cookiestr)
ck = New HttpCookie(FormsAuthentication.FormsCookieName(),
cookiestr)
Response.Cookies.Add(ck)
Dim strRedirect As String
strRedirect = Request("ReturnURL")
If strRedirect <> "" Then
Response.Redirect(strRedirect, True)
Else
strRedirect = "logindeneme.aspx"
Response.Redirect(strRedirect, True)
End If
Else
lblMessage.Text = "Invalid username/password"
End If
End Sub
and then in the page where I am requesting the page to be downloaded..
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim myWebReq As HttpWebRequest
Dim myWebResp As HttpWebResponse
Dim strHTML As String
Dim c As New Cookie()
Dim sr As StreamReader
Dim sw As StreamWriter
Dim cc As New CookieContainer()
myWebReq = WebRequest.Create("http://burak/LoginDeneme/secret.aspx")
c.Name = FormsAuthentication.FormsCookieName()
c.Value = Session("c")
c.Domain = "http://burak/LoginDeneme"
cc.Add(c)
myWebReq.CookieContainer = cc
myWebResp = myWebReq.GetResponse
sr = New StreamReader(myWebResp.GetResponseStream)
strHTML = sr.ReadToEnd
sw = File.CreateText("d:\Downloads\1.htm")
sw.WriteLine(strHTML)
sw.Close()
Response.WriteFile("d:\Downloads\1.htm")
End Sub
What am I missing? Thank you very much for your help..
buran
"John Saunders" <jo***********@surfcontrol.com> wrote in message
news:es*************@TK2MSFTNGP12.phx.gbl... "buran" <bu***@buran.com> wrote in message news:OJ**************@TK2MSFTNGP09.phx.gbl... Dear ASP.NET Programmers,
How can I post data to an ASP.NET login page and pass authentication?
The login page uses forms authentication, users must supply usernames and password and have to
click on a submit button. I want to automate this process by supplying values with HttpWebRequest
and then download a file on the site. I think that I cannot invoke the submit button. Pleeeasee
help, thanks in advance I could swear I answered this question before...
You are attempting to substitute code for a browser. Your code will have
to do what the browser would have done:
1) Browser attempts to reach a protected page, for instance,
protected.aspx 2) Forms Authentication sees that the request does not include a Forms Authentication Ticket in the proper cookie, so the server replies with a "302 Page Moved" status, and a Location header pointing to the login page. 3) The browser requests the login page specified. 4) The server responds with the login page 5) The user fills in the login page and submits the form, so the browser POSTs the form back to the login page 6) If the credentials are valid, the server responds with another "302
Page Moved" status, a Location header pointing to protected.aspx, and a Set-Cookie header providing the encrypted Forms Authentication Ticket. 7) The browser then requests protected.aspx, but this time supplies the Forms Authentication Ticket in a Cookie header 8) Forms Authentication sees that the request includes a valid Forms Authentication Ticket, so it permits the access. The server responds with the protected page.
This is what your code will need to duplicate. -- John Saunders Internet Engineer jo***********@surfcontrol.com
"buran" <bu***@buran.com> wrote in message
news:e7**************@TK2MSFTNGP11.phx.gbl... I am using following code but for no good. Maybe you can help me on
this...
Please tell us what you mean when you say "but for no good". What is the
specific problem? Perhaps an exception is thrown? Perhaps there is a
timeout? Please be more specific.
.... and then in the page where I am requesting the page to be downloaded..
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click myWebReq =
WebRequest.Create("http://burak/LoginDeneme/secret.aspx") c.Name = FormsAuthentication.FormsCookieName() c.Value = Session("c") c.Domain = "http://burak/LoginDeneme" cc.Add(c) http://burak/LoginDeneme is not a domain. "burak" is a domain. Please try
that, and if it doesn't work, let us know in detail what the result is.
--
John Saunders
Internet Engineer jo***********@surfcontrol.com
"John Saunders" <jo***********@surfcontrol.com> wrote in message
news:O1**************@tk2msftngp13.phx.gbl... "buran" <bu***@buran.com> wrote in message news:e7**************@TK2MSFTNGP11.phx.gbl... I am using following code but for no good. Maybe you can help me on this...
Please tell us what you mean when you say "but for no good". What is the specific problem? Perhaps an exception is thrown? Perhaps there is a timeout? Please be more specific.
Ok you're right. I am getting the login page
(http://burak/LoginDeneme/LoginDeneme.aspx) on the browser instead of the
the http://burak/LoginDeneme/al.aspx.
So the code writes the contents of the login page to the disk
(d:\Downloads\1.htm). It cannot pass the authentication.
Yeesss, changing to c.Domain = "burak" worked. Thank you very very much..
:))
... and then in the page where I am requesting the page to be downloaded..
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click myWebReq = WebRequest.Create("http://burak/LoginDeneme/secret.aspx") c.Name = FormsAuthentication.FormsCookieName() c.Value = Session("c") c.Domain = "http://burak/LoginDeneme" cc.Add(c)
http://burak/LoginDeneme is not a domain. "burak" is a domain. Please try that, and if it doesn't work, let us know in detail what the result is.
-- John Saunders Internet Engineer jo***********@surfcontrol.com
"John Saunders" <jo***********@surfcontrol.com> wrote in message news:<es*************@TK2MSFTNGP12.phx.gbl>... "buran" <bu***@buran.com> wrote in message news:OJ**************@TK2MSFTNGP09.phx.gbl... I could swear I answered this question before...
You are attempting to substitute code for a browser. Your code will have to do what the browser would have done:
1) Browser attempts to reach a protected page, for instance, protected.aspx 2) Forms Authentication sees that the request does not include a Forms Authentication Ticket in the proper cookie, so the server replies with a "302 Page Moved" status, and a Location header pointing to the login page. 3) The browser requests the login page specified. 4) The server responds with the login page 5) The user fills in the login page and submits the form, so the browser POSTs the form back to the login page 6) If the credentials are valid, the server responds with another "302 Page Moved" status, a Location header pointing to protected.aspx, and a Set-Cookie header providing the encrypted Forms Authentication Ticket. 7) The browser then requests protected.aspx, but this time supplies the Forms Authentication Ticket in a Cookie header 8) Forms Authentication sees that the request includes a valid Forms Authentication Ticket, so it permits the access. The server responds with the protected page.
This is what your code will need to duplicate.
Okay, I understand the steps.... but I have been unable to perform
them.
When I try to post my userid and password to my login.aspx page, I
keep getting the html for the login page back. I assume that this is
because I do nto successfully login. There are only 3 fields on the
login page __viewstate, userid, and password. The login screen is
using "forms" authentication.
I have scoured the web looking for a simple example of this type of
login, but have not been successful.
Once logged in, I realize that I need to grab the auth cookie and use
it on future requests of pages.
I am really surprised that I can not find an example of this. Is it so
simple that everyone else is able to do it without problems.... or am
I missing something.
Please help.
Thanks.
"Jim J" <do**********@hotmail.com> wrote in message
news:a0**************************@posting.google.c om... "John Saunders" <jo***********@surfcontrol.com> wrote in message
news:<es*************@TK2MSFTNGP12.phx.gbl>... "buran" <bu***@buran.com> wrote in message news:OJ**************@TK2MSFTNGP09.phx.gbl... I could swear I answered this question before...
You are attempting to substitute code for a browser. Your code will have
to do what the browser would have done:
1) Browser attempts to reach a protected page, for instance,
protected.aspx 2) Forms Authentication sees that the request does not include a Forms Authentication Ticket in the proper cookie, so the server replies with a "302 Page Moved" status, and a Location header pointing to the login
page. 3) The browser requests the login page specified. 4) The server responds with the login page 5) The user fills in the login page and submits the form, so the browser POSTs the form back to the login page 6) If the credentials are valid, the server responds with another "302
Page Moved" status, a Location header pointing to protected.aspx, and a Set-Cookie header providing the encrypted Forms Authentication Ticket. 7) The browser then requests protected.aspx, but this time supplies the Forms Authentication Ticket in a Cookie header 8) Forms Authentication sees that the request includes a valid Forms Authentication Ticket, so it permits the access. The server responds
with the protected page.
This is what your code will need to duplicate.
Okay, I understand the steps.... but I have been unable to perform them.
When I try to post my userid and password to my login.aspx page, I keep getting the html for the login page back. I assume that this is because I do nto successfully login.
Jim, you know what they say about assumptions...
What happens if you assume that your assumption is incorrect, since that
seems to be the case?
--
John Saunders
Internet Engineer jo***********@surfcontrol.com This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Mike Cronin via DotNetMonster.com |
last post by:
Hi there,
Can anyone tell me what level of encryption is used when making an HTTPS
POST request through an instance of the System.Net.HttpWebRequest object?
Thanks much in advance!
Mike...
|
by: omyek |
last post by:
I'm trying to mimic the browsing of a webpage using an HttpWebRequest.
I've had a lot of luck with it so far, including logging into pages,
posting form data, and even collecting and using cookies....
|
by: buran |
last post by:
Dear ASP.NET Programmers,
How can I post data to an ASP.NET login page and pass authentication? The
login page uses forms
authentication, users must supply usernames and password and have to...
|
by: Hawksey |
last post by:
I would like to be able to programatically(Using HTTPWebRequest and
HTTPWebResponse) FORM post a user's credentials to a HTTPS login page
(.ascx)control. The problem I think I have after attempting...
|
by: shankararaman.s |
last post by:
Hi,
I am trying to develop an interface which will fetch all my Yahoo
mails. I am not able to sign in to yahoo by posting the form with my
username & password. Please find my code below and...
|
by: msnews.microsoft.com |
last post by:
I have been raking my brains on why this does not work. I get back the same
login screen again instead of the home page redirection which should occur
after a successful login:
'create a cookie...
|
by: peter |
last post by:
Hi,
I have very strange situation but first description ;)
I have:
1) project in VB.NET, in this f.e. 1 function:
Public Function Login(ByVal UserName As String, ByVal UserPassword As...
|
by: adwooley2 |
last post by:
Hello. Have been losing plenty of hair over problem whereby I can't
make it off the login page. Trying to pass login info to a login page
and then move on to another page within the site so that...
|
by: barrybevel |
last post by:
Hi,
I'm trying to login to the www.vodafone.ie website using
HttpWebRequest.
It works fine with IE/Firefox and the .NET Web Control too, just not
with my code.
I think it's a redirect 302...
|
by: nganapat |
last post by:
I am trying to post form values to a https web page programmatically
using Httpwebrequest but no matter what I do the same login page is
returned instead of the next page. I would very much...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
| |