Geek Answers Handbook

HttpWebRequest and forms authentication in C #

I am a system guy and am currently working on a part-time web development project, so he is pretty new to this. I am trying to write an http client for www.portapower.com.

This will be for certain elements posted on the website, and if they meet a specific requirement, it will print a message.

When trying to access this page:

http://www.portapower.com/getbainfo.php?fclasscode=1&code=CB1831B.40H&fbrand=QUNFUg==

The website redirects me to the default registration page:

http://www.portapower.com/defaregit.php

Here is the code snippet that I encoded:

CookieContainer myContainer = new CookieContainer(); HttpWebRequest request = (HttpWebRequest) WebRequest.Create("http://www.portapower.com/" + urlpart); request.Credentials = new NetworkCredential("****", "******"); request.CookieContainer = myContainer; request.PreAuthenticate = true; request.Method = "POST"; HttpWebResponse response = (HttpWebResponse) request.GetResponse(); Console.WriteLine(response.StatusCode); Stream resStream = response.GetResponseStream(); Console.WriteLine(resStream.ToString());

I have a username and password and it works great when used in a browser. Please tell me if this is the correct way to access the authenticated page.

+6
c # forms-authentication
source share
4 answers

It depends on how the site authenticates users. If they use basic authentication or Windows authentication, you can set the Credentials property of the HttpWebRequest class for the username / password / domain information, and it should work.

However, it looks like you need to enter the username / password on the site, which means that you need to log in to the site first. Looking at the main page, this is what I find in the <form> element that processes the login:

 <form name="formlogin" method="post" action="./defalogin.php" > <input name="emtext" type="text" id="emtext" size="12"> <input name="pstext" type="password" id="pstext" size="12"> <input type="submit" name="Submit" value="Logn in" onClick="return logincheck()" > </form>

I have included only the relevant parts.

Given this, you should first go to the ./defalogin.php page with the HttpWebRequest and POST emtext and pstext . Also, make sure that you set the CookieContainer property in the CookieContainer instance. When this POST call returns, it will most likely be filled with a cookie, which you will need to send back to the site. Just continue to set the CookieContainer property in any subsequent instances of the HttpWebRequest on the CookieContainer to ensure that cookies are passed.

Then you will be taken to the page indicated in the link.

The javascript logincheck function is also logincheck , but looking at the sources of the script, it doesn't notice anything.

+6
source

The credentials you submit are for Windows authentication. You need to send message data with data that mimics the presentation of the form, and then fix the session cookie set in the response and use this cookie for future requests.

Take a look at this answer, which has code for this:

Sign in with HttpWebRequest

+2
source

You cannot do it this way; the data you transmit can be used with a basic authentication scheme (that is, where a dialog box with a username / password appears in the browser). You will need to simulate writing data into this form and catch log into the cookie and use this.

+1
source

The NetworkCredential class is designed to manage regular Windows credentials (NTLM, Kerberos, etc.).

This site is a PHP site running on Apache, so I don't think they use NTLM or kerberos.

What you want to do is put some FORM fields on the site and then save the cookie that you will return. Make sure in subsequent requests that you click a cookie on the site so that it knows that you are already logged in.

0
source

More articles:


All Articles