Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Http Web Requests

Posted on 2004-10-22
Medium Priority
Last Modified: 2008-01-09
My application needs to retrieve market data, using HTTP protocol, from a vendor, as a batch process.  I am planning to build an application using httpRequest httpResponse classes.  I have a problem when I post data to the vendors URL, the first request is challenged by "Enter Network Password" dialog box.  I have used Proxy object to supply network credentials, but that was for letting my request go out to the internet.  In my case the remote host is challenging me.  How can I supply these credentials to the remote proxy server in a non-interactive mode.  I have contemplated getting a window handle of the dialog box and manipulating it, but I am not comforatble with that approach.
Question by:sai7843
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 12380546
Something like this...

      System.Net.HttpWebRequest request = new System.Net.HttpWebRequest();
      System.Net.CredentialCache cache = new System.Net.CredentialCache();
      cache.Add(new Uri(proxy.Url), "Negotiate", new System.Net.NetworkCredential("username","password","domainname") );
      request.Credentials = cache;

Author Comment

ID: 12380830
Hi TomasX2,
                   I am already using this to provide credentials for my request to go out to internet thru proxy servers on my end of net work.  But the "Enter NetWok Password" box is appearing when my request reaches the remote host i.e., the remote host is trying to authenticate me with a dialog box.  This is the problem, I am facing.  To see it, please navigate to http://desktop.interactivedata.com/cgi/id-menus.cgi?ref=DM.

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.


Expert Comment

ID: 12380864
Are you setting the credentials for both the request object and the request´s proxy object.

        System.Net.HttpWebRequest request;
        request.Credentials = System.Net.CredentialCache.DefaultCredentials;
        request.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;              

Author Comment

ID: 12384338
Hi TomaX2
                     The following is a snapshot of my code.  
                      I am getting 401 return code from remote host

username="abcdefg";    /// These two are required by the remote host
password="xyxyxyx";  ////

// Instantiate the custom Basic authentication module.
CustomBasic customBasicModule = new CustomBasic();
// Unregister the standard Basic authentication module.

// Register the custom Basic authentication module.
// Create the Web request object.
HttpWebRequest req = (HttpWebRequest) WebRequest.Create(url);

///The following is required so that my request could get on to the internet,
//because the corporate firewall does not allow traffic to get out without proper
WebProxy objProxy;
NetworkCredential objCredentials;
objProxy = new WebProxy("ourproxy.mycompany.com", 8080);
objCredentials = new NetworkCredential("user1", "welcome", "companyDomain");
objProxy.Credentials = objCredentials;
req.Proxy = objProxy;
// Define the request access method.
req.Method = "POST";
req.Credentials = new NetworkCredential(username, password);   //Required by remotehost            
StreamWriter objStream = new StreamWriter(req.GetRequestStream(), Encoding.ASCII);

// Issue the request.
HttpWebResponse result = (HttpWebResponse) req.GetResponse();

//Console.WriteLine("\nAuthentication Succeeded:");

// Store the response.
Stream sData = result.GetResponseStream();

////++++++++++++++++++++++++++++Helper class+++++++++++++++++++++++

public class CustomBasic : IAuthenticationModule

      private string m_authenticationType ;
      private bool m_canPreAuthenticate ;

      // The CustomBasic constructor initializes the properties of the customized
      // authentication.
      public CustomBasic()
              m_authenticationType = "Basic";
              m_canPreAuthenticate = false;

      // Define the authentication type. This type is then used to identify this
      // custom authentication module. The default is set to Basic.
      public string AuthenticationType
            return m_authenticationType;

      // Define the pre-authentication capabilities for the module. The default is set
      // to false.
      public bool CanPreAuthenticate
                 return m_canPreAuthenticate;

// The checkChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// domain name is equal to DOMAINNAME.
      public bool checkChallenge(string Challenge, string domain)
            bool challengePasses = false;

            String tempChallenge = Challenge.ToUpper();

                // Verify that this is a Basic authorization request and that the requested                   // domain is correct.
                // Note: When the domain is an empty string, the following code only
                         // checkswhether the authorization type is Basic.

               if (tempChallenge.IndexOf("BASIC") != -1)
            if (domain != String.Empty)
                  if (tempChallenge.IndexOf(domain.ToUpper()) != -1)
                        challengePasses = true;
                        // The domain is not allowed and the  
                                                                //authorization type is Basic.
                        challengePasses = false;
                  // The domain is a blank string and the authorization type  
                                                //is Basic.
                  challengePasses = true;

                  return challengePasses;

// The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns false.
      public Authorization PreAuthenticate(WebRequest request, ICredentials  
            return null;

// Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
      public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
            Encoding ASCII = Encoding.ASCII;        

            // Get the username and password from the credentials
            NetworkCredential MyCreds = credentials.GetCredential(request.RequestUri, "Basic");        

            // Verify that the challenge satisfies the authorization requirements.
            bool challengeOk = checkChallenge(challenge, MyCreds.Domain);

            if (!challengeOk)
                  return null;

            // Create the encrypted string according to the Basic authentication
                                // format as follows:
      // a)Concatenate the username and password separated by colon;
      // b)Apply ASCII encoding to obtain a stream of bytes;
      // c)Apply Base64 encoding to this array of bytes to obtain the encoded
            // authorization.
      string BasicEncrypt = MyCreds.UserName + ":" + MyCreds.Password;

      string BasicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt));

      // Create an Authorization object using the encoded authorization above.
      Authorization resourceAuthorization = new Authorization(BasicToken);

      return resourceAuthorization;

Expert Comment

ID: 12404576
Try WebClient as follows

string uriString = "The URL";
string input = "data";
WebClient appClient = new WebClient();
string userId = ConfigurationSettings.AppSettings["webShareUserId"];
string password = ConfigurationSettings.AppSettings["webSharePassword"];
string domain = ConfigurationSettings.AppSettings["webShareDomain"];
appClient.Credentials = (ICredentials)new System.Net.NetworkCredential(userId,password,domain);

Author Comment

ID: 12593959
I have opened a ticket with Microsoft regarding this issue.  It turns out that I was having problems because the remote server was not formatting its headers according to the RFC specifications.  IE itself tolerates this, but HttpWebRequest classes could not cope with this.  Microsoft has recommended using .NET framwork 1.1 and using configuration setting to allow unsafeHeaderParsing, which solved the problem.

Accepted Solution

modulo earned 0 total points
ID: 12632851
PAQed with points refunded (125)

Community Support Moderator

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question