HttpWebRequest not passing Credentials
Solution 1:
See if it shows up when you use the old-fashioned method:
string credentials = Convert.ToBase64String(ASCIIEncoding.ASCII.GetBytes("user"+ ":" + "password"));
request.Headers.Add("Authorization", "Basic " + credentials);
Solution 2:
What kind of authentication mechanism is protecting the web service? The credentials set on HttpWebRequest
will only be passed through HTTP's Authorization
header via Basic, Digest or NTLM. So, if your web service is protected with WS-Security
, the NetworkCredentials
will probably not be passed on to the authentication scheme at all, because WS-Security
doesn't operate at the HTTP level.
What you should do is create a Web Service client proxy for the web service through the command line tool wsdl.exe
or something similar. That will give you access to Web Service aware authentication schemes.
Update after comments:
It seems like HttpWebRequest
needs to receive the WWW-Authenticate
challenge with a 401 Unauthorized
before it can authenticate properly over SSL. I guess there's two separate code paths in HttpWebRequests
handling regular HTTP traffic and encrypted HTTPS traffic. Anyway, what you should try, is:
- Execute an unauthenticated
HttpWebRequest
to thehttps://.../
URI. - Receive the
401 Unauthorized
response. - Execute the same request, now with both
Credentials
set (not sure ifPreAuthenticate
should betrue
orfalse
; test both). - You should now get
200 OK
or whatever it is your Web Service responds with.
Another option is to build the Authorization
header yourself on the initial request:
string credentials = String.Format("{0}:{1}", username, password);
byte[] bytes = Encoding.ASCII.GetBytes(credentials);
string base64 = Convert.ToBase64String(bytes);
string authorization = String.Concat("Basic ", base64);
request.Headers.Add("Authorization", authorization);