HttpWebRequest and Authentication

Question

I am trying to use Forms Authenication with the httpwebrequest but I seem not to have any success. Here is what I am doing:

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);

request.Method = WebRequestMethods.Http.Get;

// Authentication items -------------------------------------------
request.UseDefaultCredentials = false;
request.PreAuthenticate = true;

// Attempt to set username and password:
CredentialCache cc = new CredentialCache();
cc.Add(
new Uri(url),
"Basic",
new NetworkCredential("username", "validpassword", "domain")
);
request.Credentials = cc;

request.AllowAutoRedirect = true;
request.KeepAlive = true;
request.Timeout = 10000;
CookieContainer cookieContainer = new CookieContainer();
request.CookieContainer = cookieContainer;

// request html
response = (HttpWebResponse)request.GetResponse();

The problem is that even with a valid password and username for the domain this is always throwing an exception.

Can anyone help?

NOTES:

• Exception Type: WebException
• Exception Message: "The remote server returned an error: (401) Unauthorized."
• Exception Status: Protocol
• Error Exception Occurring at: response =(HttpWebResponse)request.GetResponse();
• Exception Stack Trace: None ... sorry

Answer 1

I add Credentials for HttpWebRequest .

  myReq.UseDefaultCredentials = true;
  myReq.PreAuthenticate = true;
  myReq.Credentials = CredentialCache.DefaultCredentials;

I’d like to know the sub status code of the 401 error you encountered. The 401 error contains the following sub status code:

401.1:  Access is denied due to invalid credentials.
401.2:  Access is denied due to server configuration favoring an alternate authentication method. 
401.3:  Access is denied due to an ACL set on the requested resource.
401.4:  Authorization failed by a filter installed on the Web server.
401.5:  Authorization failed by an ISAPI/CGI application.
401.7:  Access denied by URL authorization policy on the Web server.

Because the project works well on your machine, I doubt it is a process identity issue. By default the application pool in IIS 6.0 uses “Network Service” as its identity. This account is restricted, so that you may encounter access deny issue.

For troubleshooting purpose, please try to change the application pool’s identity to “Local System”. If this method can resolve the issue, change back the identity to “Network Service”, and grant read/write permission to the xml file you want to read/write.

About how to change application pool’s identity, please refer to the following steps:

1. Open IIS manager (Start | Control Panel | Administrative Tools | Internet Information Services Manager).
2. Expand the “Application Pools” node.
3. Right click the application pool which your project is using, and then select “Properties”.
4. Click “Identity” tab.
5. Choose “Local System” in the Predefined dropdown list.

About how to grant permission to a file, please check these steps:

1. Open Windows Explorer.
2. Right click the file, and then select "Properties".
3. Click the "Security" tab.
4. Add "Network Service" in access list and check "Modify", "Read", and "Write" for it.

In addition, other files may cause this issue too, you can use Filemon to monitor any access file deny issues.

FileMon for Windows v7.04 http://www.microsoft.com/technet/sysinternals/FileAndDisk/Filemon.mspx