RE: Calling a secure Axis web service with .net client

[thomas . cherel]

Title: RE: Calling a secure Axis web service with .net client

I had similar problem with the .NET client because in by back-end server (JBoss, web service implemented as an EJB) I enabled a default identity to be used for unauthenticated user.   To make it short, it seems that the .NET client will not send any user/password in the HTTP header (Authentication HTTP header) until it receives a request for authentication. Your server must deny the first request sent from the .NET client. When doing that, it is supposed, in the deny response, to send a WWW-Authenticate header to the client, which will try the request again and that time with the Authentication header (which will contain user/password).   Use the tcpmon of Axis to see what is going on at the HTTP level. As long as your server will not send back any WWW-Authenticate header, the .NET client will not send the Authentication header (or at least that is the behavior I observed).   Thomas  -----Original Message----- From: Vidyanand Murunikkara [mailto:[EMAIL PROTECTED]] Sent: Friday, May 24, 2002 2:42 AM To: [EMAIL PROTECTED] Subject: RE: Calling a secure Axis web service with .net client Hi thomas   I was doing exactly what you had suggested in your mail. But then for some reason the username and password are not being sent as an header. The only way i could add a header was to override the GetWebRequest() method and then add any header i wanted to add. But i guess there must be some way to do it directly without taking such pain.   Do you think I might be missing something here ?   Thanks for your time. Vidyanand -----Original Message----- From: [EMAIL PROTECTED] Sent: Mon 5/20/2002 6:56 PM To: [EMAIL PROTECTED] Cc: Subject: RE: Calling a secure Axis web service with .net client Have a look to what I sent earlier in the mailing list but something like that should do it (FirstServiceService is the C# generated for my service when I do the add web reference):                                 FirstService.FirstServiceService firstService = new FirstService.FirstServiceService ();                                 firstService.Url = FIRST_SERVICE_END_POINT_URL;                 // I am not 100% since documentation is not very clear, but it seems that without the                 // PreAuthenticate, every operation call will always be two HTTP requests: one without                 // the Authentication header (then a WWW-Authenticate header is returned in the access                 // denied), then a second request with the Authentication header. I was hoping that this                 // will also do the trick to be able to use the unauthenticatedIdentity of JBoss, but the                 // first request still expect the WWW-Authenticate header before sending the Authentication                 // one.                                 firstService.PreAuthenticate = true;                                 firstService.Credentials = new NetworkCredential (userName, userPassword); -----Original Message----- From: Vidyanand Murunikkara [mailto:[EMAIL PROTECTED]] Sent: Monday, May 20, 2002 7:53 PM To: [EMAIL PROTECTED] Subject: Calling a secure Axis web service with .net client HI i have a Web service running using Axis. I have turned on HTTP Authentication for this. So the only way i can access this service( verified using some handlers ) is to have a username and password . If i have a client generated using axis then in the Client stub i can set the Username and password. But does anyone know how i can access this web service from a .net client. I havent been able to figure out a way to set the username and password headers required for the web service in .net. ( I am using C# clients ). Thanks for looking into this. Vidyanand.