• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 200
  • Last Modified:

Using Invoke-WebRequest in Powershell to authenticate against Forms authentication in a C# MVC site

I am using Invoke-WebRequest in Powershell to authenticate against Forms authentication in a C# MVC site.

I have usually done it this way successfully;
$webServerUrl = 'http://localhost:54363'

$r = Invoke-WebRequest $webServerUrl -SessionVariable my_session
$form = $r.Forms[0]
$credentials = Get-Credential
$form.fields['Username'] = $credentials.GetNetworkCredential().UserName
$form.fields['Password'] = $credentials.GetNetworkCredential().Password
$form.fields['RembemberMe'] = $true;

$r = Invoke-WebRequest -Uri $($webServerUrl + $form.Action) -WebSession $my_session -Method GET -Body $form.Fields

Open in new window


As you can see, I retrieve a form, set username and password and log in.
But now in the recent version of the system, the first Invoke-WebRequest fails and the $r variable is never populated.

I get the html of the page outputted to the Powershell terminal window and at the end of that I receive:
+ $r = Invoke-WebRequest $webServerUrl -SessionVariable my_session
+      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebExc
   eption
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Open in new window


I have tried debugging the MVC application while sending a request with Powershell, and I cannot see anything out of the ordinary. The LoginController and its Index method returns 401 Not Authorized with the HTML for a login form. When I use that form in a web browser, I can log in. But my attempt  in Powershell still fails.

The error variable displays this:
$error[0].Exception
The remote server returned an error: (401) Unauthorized.

Open in new window

0
itnifl
Asked:
itnifl
  • 3
  • 2
1 Solution
 
Jose Gabriel Ortega CCEO J0rt3g4 Consulting ServicesCommented:
Try to do the job "in the front end" first,
Try this script, it worked for me.
just download it, modify the parameters according to what you need.

Run it.

And once it's working...
Save the script part in a "scriptblock"
$sb={
#Script here
}
And run the
Invoke-Command -scriptblock $sb -computer "computer"
1
 
itniflAuthor Commented:
Trying to do the job on the computer itself via remote script execution might be a good idea for simplicity, but in this case I end up calling the web site anyway. Doesn't matter what computer I am doing it from.

Usually a user enters a username and password in a web page, which works fine. Normally the script execution with Powershell I referred to allows me to do this with Powershell.

But not any more. I guess I have to find out when this broke, and then figure out what changes have been made to the system in the mean time,,,
0
 
Jose Gabriel Ortega CCEO J0rt3g4 Consulting ServicesCommented:
0
 
itniflAuthor Commented:
Finally figured it out.
There was a nested partial view in the MVC solution with the Authorize attribute set. So when entering the login form, the user got a reply 401 Unauthorized, while he was supposed to get 200 OK.

The web browser handeled this fine, while  Invoke-WebRequest threw an error.

Removing the authorize attribute from the nested partial view that was being called solved the problem.
0
 
itniflAuthor Commented:
Solution was found
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now