G
Guest
Hi
My app is trying to login to an ASP.NET site that uses Forms authentication. I am trying to do in my app (what was previously posted in a newsgroup) the same that a browser does
3) The browser requests the login page specified
4) The server responds with the login pag
5) The user fills in the login page and submits the form, so the browser POSTs the form back to the login pag
6) If the credentials are valid, the server responds with another "302 Page Moved" status, a Location header pointing to protected.aspx, and a Set-Cookie header providing the encrypted Forms Authentication Ticket
I build a Post request to login.aspx and use HttpWebRequest to send it. I use HttpWebResponse to get the response
I have sent the proper login & password & VIEWSTATE info and all that stuff. In a sniffer trace, the response is a "HTTP/1.1 302 Found" with 3 Set-Cookie Headers. The web site redirects me to default.aspx; the trace shows my side (IIS?) sending a GET request for default.aspx, and that's what my app gets in my HttpWebResponse object. The problem is that I don't get logged in because this automatic GET request (below my app somewhere) doesn't get the cookies from the "302 Found" response and send it with the request; I know this because I run the trace and do the same steps from a browser, and in that session, the cookies get passed properly in the 'GET default.aspx' request
The HttpWebResponse object has a ContinueDelegate property, where I can provide a delegate method that's called when a HTTP 100 Continue response is received, but nothing for a "302 Found" response
Any ideas how to solve this? This is a show-stopper for me. I have a standard setup: VS.NET 2003 on XP Pro with IE 6.0 SP1
Thanks in advance
Iggy Evans
My app is trying to login to an ASP.NET site that uses Forms authentication. I am trying to do in my app (what was previously posted in a newsgroup) the same that a browser does
3) The browser requests the login page specified
4) The server responds with the login pag
5) The user fills in the login page and submits the form, so the browser POSTs the form back to the login pag
6) If the credentials are valid, the server responds with another "302 Page Moved" status, a Location header pointing to protected.aspx, and a Set-Cookie header providing the encrypted Forms Authentication Ticket
I build a Post request to login.aspx and use HttpWebRequest to send it. I use HttpWebResponse to get the response
I have sent the proper login & password & VIEWSTATE info and all that stuff. In a sniffer trace, the response is a "HTTP/1.1 302 Found" with 3 Set-Cookie Headers. The web site redirects me to default.aspx; the trace shows my side (IIS?) sending a GET request for default.aspx, and that's what my app gets in my HttpWebResponse object. The problem is that I don't get logged in because this automatic GET request (below my app somewhere) doesn't get the cookies from the "302 Found" response and send it with the request; I know this because I run the trace and do the same steps from a browser, and in that session, the cookies get passed properly in the 'GET default.aspx' request
The HttpWebResponse object has a ContinueDelegate property, where I can provide a delegate method that's called when a HTTP 100 Continue response is received, but nothing for a "302 Found" response
Any ideas how to solve this? This is a show-stopper for me. I have a standard setup: VS.NET 2003 on XP Pro with IE 6.0 SP1
Thanks in advance
Iggy Evans