Why is my httpwebrequest post for myhandler.ashx rejected with status code 401

Question

Why is my httpwebrequest post for myhandler.ashx rejected with status code 401

I already wrote an HTTPHandler that gets POSTed from the ColdFusion page and works successfully; Now I'm trying to write a web application in ASP.NET, so I can submit the form to the .ashx handler from the .aspx page.

The application trace (trace.axd) shows the following my last 3 entries:

2 8/14/2009 1:53:56 PM /Default.aspx 200 GET View Details 3 8/14/2009 1:54:04 PM /Default.aspx 200 POST View Details 4 8/14/2009 1:54:13 PM /UploadHandler.ashx 401 POST View Details

I have a breakpoint in my .ashx file, but it is never reached (I think due to status code 401). Here is the code snippet from default.aspx trying to POST the handler:

 protected void UploadHandlerButton_Click(object sender, EventArgs e) { if (FileUpload1.HasFile) { try { ASCIIEncoding encoding = new ASCIIEncoding(); byte[] data = encoding.GetBytes(BuildFormData()); string baseAddress = "http://" + Environment.MachineName; string pathInfo = Page.ResolveUrl("UploadHandler.ashx"); string URI = baseAddress + pathInfo; HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(URI); myRequest.Method = "POST"; myRequest.ContentType = "application/x-www-form-urlencoded"; myRequest.ContentLength = data.Length; Stream newStream = myRequest.GetRequestStream(); newStream.Write(data, 0, data.Length); newStream.Close(); } catch (Exception someError) { LogText("FAILURE: " + someError.Message); } } }

Here is a snippet of code from the UploadHandler.ashx file (but this does not seem to be achieved):

 public void ProcessRequest(HttpContext context) { string returnURL = context.Request.ServerVariables["HTTP_REFERER"]; string message; message = UploadFile(context); StringBuilder msgReturn = new StringBuilder(returnURL); msgReturn.Append("?n="); msgReturn.Append(HttpUtility.UrlEncode(TRIMrecNumAssigned)); msgReturn.Append("&m="); msgReturn.Append(HttpUtility.UrlEncode(message)); context.Response.Redirect(msgReturn.ToString()); }

Both default.aspx and UploadHandler.ashx are in the root of the virtual directory on my localhost; directory protection is currently set to Anonymous Access CHECKED and Integrated Windows authentication CHECKED.

When I click the View Details link on the trace.axd screen, I see all the data in the form collection that I expect to see and hope to process, but this 401 seems to stop everything. I can publish the code for my little BuildFormData () function if that is useful.

EDIT: revised handler as follows (no effect, same error):

 public void ProcessRequest(HttpContext context) { //----------------------------------------------------------------------------------------- // the remainder of this block is alternative to the .Redirect and is useful for debugging. context.Response.ContentType = "text/html"; //context.Response.Write(TRIMrecNumAssigned); //context.Response.Write("<p>"); //context.Response.Write(msgReturn); context.Response.Write("<H1>Trim - Kerberos Prototype for ColdFusion consuming pages</h1>"); HttpContext.Current.Trace.IsEnabled = true; HttpContext.Current.Trace.Write(null); HttpContext.Current.Trace.Write("-------"); HttpContext.Current.Trace.Write(context.Request.Form["txtTrimRecordType"]); HttpContext.Current.Trace.Write(GetUserInfo()); HttpContext.Current.Trace.Write("-------"); HttpContext.Current.Trace.Write(null); using (Html32TextWriter htw = new Html32TextWriter(context.Response.Output)) { typeof(TraceContext) .GetMethod("Render", BindingFlags.NonPublic | BindingFlags.Instance) .Invoke(HttpContext.Current.Trace, new object[] { htw }); } }

+1

asp.net http-status-codes http-status-code-401 httpwebrequest localhost

John adams Aug 14 '09 at 18:30

source share

2 answers

Jamiegaines · Answer 1 · 2009-08-14T20:08:15+0000

Have you tried disabling the built-in Windows Auth and just leaving anonymous? Does it matter?

Your answer: “I think this made things worse, because now I can’t even look at default.aspx. I get this: HTTP 401.3 - Access denied by ACL in Internet Information Services resource”

My answer: This is actually good. This means that we are approaching what is happening. If you get this error message and the only thing you turned on is anonymous authentication through IIS, this means that the ASP.NET impersonator user does not have NTFS permissions for the files in question.

I'm not sure if you are on XP or Win 2k3, but now you want to check and make sure that either ASPNET (XP) or Network Service (Win 2k3) users have at least read access to the files in question. Make sure the user has at least this level of access, and then let me know how this happens.

Update . I don’t know why I didn’t think about it before. You may need to set credentials in your HttpWebRequest. To use the credentials of the current user, try adding this to your query.

 HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(URI); myRequest.Credentials = CredentialCache.DefaultCredentials;

If you need to add different credentials, you can try Network credentials

Here's a good explanation of the credentials here .

Hope this helps.

Keltex · Answer 2 · 2009-08-14T18:39:36+0000

Looking at your ProcessRequest (), you do the following:

 string returnURL = context.Request.ServerVariables["HTTP_REFERER"];

Depending on how you call it with HttpWebRequest , this variable will be zero. Then, when you create your msgReturn, it will look something like this:

 ?n=XXX%m=YYY

When redirected to this URL, it probably won't be found, which returns 401.

Why is my httpwebrequest post for myhandler.ashx rejected with status code 401

More articles: