.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Add Cookies to a webservice client request

Posted By:      Posted Date: September 24, 2010    Points: 0   Category :.NET Framework

I have an HttpModuke that performs authentication sitting in front of a webservice.  Using SOAP and WS-S I can capture the client's credentials and mask them by wrapping the request input stream to prevent the service provider from discovering the values.  Accessing the same service using HTTP GET/POST or any REST invocation is proving a problem.

My 1st attempt was to use proprietary HTTP Headers which allow the client to send the credentials but I cannot mask or remove them in the HttpModule ("PlatformNotSupportedException").  My next thought was to have the client add userid and password values in the HttpWebRequest.CookieContainer object.  The HttpContext.Current.Request.Cookies property arrives at the HttpModule empty.  I have set the service's web.config file to "cookieless = false" but no success.  I'm still not sure, even if I can get the cookies to arrive, whether I can remove them before allowing the service to process the message.  Has anyone dealt with this, or something similar, in the past?  Am I missing some setting on the client side?  Thanks in advance for any help available!





View Complete Post

More Related Resource Links

How to bind a WCF Http client to a specific outbound IPAddress before making the request

I want my request to go out through a specific IP Addresses. Is there a way to do that in WCF. The explanation of why I need this is a little long winded so i'd rather not get into that. Here is sample code string ipAddress = ""; IService service; ChannelFactory<IOmlService> factory = new ChannelFactory<IService>(new BasicHttpBinding(), new EndpointAddress("http://" + IPAddress + ":6996/IService")); service = factory.CreateChannel(); service.Test(); Here is an example scenario to explain exactly what i'm looking for. Let's say I have two IPs on my machine ( and Both of them can hit If i run this code now, it will hit the IP (.32) from any of my IPs (.30 or .31). How can i force it to go through a specific IP of mine (say .30). Is there any way to do that using WCF? Thanks

Need help in reading Soap request and response on invoking WCF client assembly

Hi All,   I'm new to WCF and i'm using .Net 3.5. I have created a library from the proxy class generated through svcutil. I'm able to succesfully invoke service methods. I was wondering how to capture the request and response soap xmls so that i could render it on browser. If you have any code piece for this kind of problem please share it with me. Regards, Rahul

WCF client consuming oracle webservice is inconsistently works

Hi, In my WCF client application, I am consuming the Oracle  webservices. Strangely this wcf client functioning inconsistently. That means sometime, it does not find the service endpoint and some times it does. Where the code and environment are absolutely same in both the cases. But when I use web services, I see the code works consistently. There is no endpoint listening at the address http://<serviceurl> Does any one faced similar issue with WCF? Thanks!

Seeing the SOAP request sent from a Web Service Client/Consumer

Hello, I am building a web service consumer in C# in VS2010.  Using the provided WSDL, I need to build appropriate headers and use certificates, SSL (user name & pass), & WS security.  I am getting an error from the webservice side, specifically processing the <wsse:Security> header. Is it possible for me to see the exact request I am sending to the Webservice? I'd like to see the values of the pieces of the header that get put in and such. Is it possible to have human readable serialization of what's being passed in right before the error? Thank You

Signing The Body of a Web Service Request (From Client)

Hello, I attempting to consume a webservice, which has numerous security factors, one of which is SSL. I am using WS-Security and attempting to sign the body of my request.  Right now it is only currently signing the timestamp and to: (endpoint).  I've been scouring the forums, but seem to come to a dead end with threads dying off... http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/034f71cd-408e-447c-a95c-e0cf4baa5742 I'm assuming I will have to modify the reference.cs file or maybe even the WSDL, but here's some of the code I've done for the binding..is this on the right track? WSHttpBinding myBinding = new WSHttpBinding(); myBinding.Security.Mode = SecurityMode.TransportWithMessageCredential; myBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; myBinding.Security.Message.NegotiateServiceCredential = false; myBinding.Security.Message.EstablishSecurityContext = false;

WCF webservice: HTTP/1.1 400 Bad Request while sending large input

I am connecting to a WCF based webservice. For certain methods, the input contains a list of objects/structures. When the number of items in this list increases beyond a certain number, the service fails with HTTP/1.1 400 Bad Request when I try to test the same using SOAPUI. I tried changing the web.config file with the following changes: <httpRuntime maxRequestLength="2097151" /> <binding name="basicHTTP" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:01:00" sendTimeout="00:01:00" maxReceivedMessageSize="4194304" maxBufferSize="98547" maxBufferPoolSize="258547"> <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" /> </binding>   Kangkan

The HTTP request is unauthorized with client authentication scheme 'Anonymous'

I am trying to do a soap request from a WebCTRL server. I went to add a service reference, entered the URL to my wsdl and (after prompting me for a username and password) it added the reference and I can create an instance of the service object and makes calls against it.   Dim eval As New WebCTRL_Eval.EvalClient eval.Open() Debug.Print(eval.getValue("#reception_40/lstat"))   I get this back from the server, on open and getvalue.   The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="SOAP Access"'.   I understand that it is the HTTP authentication that I need to setup or configure, but just dont understand how to do it.   I have tried eval.ClientCredentials.UserName.UserName = "myusername" eval.ClientCredentials.UserName.Password = "mypassword"   How do I change the client authentication scheme and provide my credentials to it?   Here is what is on my app.config file.   <system.serviceModel>  <bindings>   <wsHttpBinding>    <binding name="EvalSoapBinding"     bypassProxyOnLocal="false"     transactionFlow="false"     hostNameComparisonMode="StrongWildcard"     maxBufferPoolSize="524288"     maxReceivedMessageSize="65536"     messageEncoding="Text"

Why request parameter added to client side code in each method while using svcutil.exe

Hi, I am using WCF services in my project and want to call WCF methods asynchronously. I am hosting WCF service programmatically in windows app as follows svc = New ServiceHost(GetType(Service1), New Uri("net.tcp://localhost:8806/")) Dim svcMDB As New ServiceMetadataBehavior svc.Description.Behaviors.Add(svcMDB) svc.AddServiceEndpoint(GetType(Service1), New NetTcpBinding(), "MyBusiness/MyBusinessService/") svc.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexTcpBinding(), "MyBusiness/MyBusinessService/mex") svc.Open() Me.Text = "Service started...." and I am generating client side proxy using svcutil.exe as follows. svcutil /n:net.tcp://localhost:8806/MyBusiness/MyBusinessService,MyService net.tcp://localhost:8806/MyBusiness/MyBusinessService/mex /a /language:vb   The result of this command is as :   Microsoft (R) Service Model Metadata Tool [Microsoft (R) Windows (R) Communication Foundation, Version 3.0.4506.2152] Copyright (c) Microsoft Corporation.  All rights reserved.   Attempting to download metadata from 'net.tcp://localhost:8806/MyBusiness/MyBusi nessService/mex' using WS-Metadata Exchange. This URL does not support DISCO. Generating files... D:\Prabodh\New C2k\Test Projects\DataTableToArray\MyHost\bin\Debug\MyBusinessSer vice.vb D:

WCF MTOM Client calling Java Webservice - Issues with File attachment Content ID encoded in SOAP mes

Hello,I'm having difficulty calling a MTOM enabled Java based web service that accepts an file as input..NET appeats to be generating a SOAP message where the reference to the binary part of the message is an encoded url.For Example:  <inc:Include href="cid:http%3A%2F%2Ftempuri.org%2F1%2F634000265217257868" xmlns:inc="http://www.w3.org/2004/08/xop/include"/>In fact, the Content ID defined in the SOAP message, looks nothing like the actual Content ID of the actual message part.Content-ID: <http://tempuri.org/1/634000265217257868=2787915398744@soapui.org>The service is invoked and executed on the java webserver...but the data element appears to be null.I do not believe the java web server understands the reference in the SOAP message because it is encoded....Or...perhaps it's because the Content-ID attribute has extract stuff on it.I'm working with a custom MTOM encoder in WCF....is there a way to generate your own Content ID or tell .NET not to encode the url?My frustration with .NET has reached an all new level with this project...Any help would be greatly appreciated.Here the SOAP message that is being generated:<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope" xmlns:ns="http://docs.oasis-open.org/ns/cmis/messaging/200901" xmlns:ns1="http://docs.oasis-open.org/ns/cmis/core/200901&q

Sign outgoing client request SOAP body with WSE 3.0



We currently have the code in WCF to sign the outgoing client requests' SOAP Body, however we need the same code for use with WSE 3.0.  I can't find any examples of this.  

Is it possible?  If so, does anyone have an example?

Thank you,

The HTTP request was forbidden with client authentication scheme 'Anonymous'

I am trying to build a proof of concept of a WCF service utilisting a
wsHttpBinding with Transport Certificate security. I am having problems
connecting to it with a console client - everytime I try to open the channel
I get the following error: The HTTP request was forbidden with client authentication scheme 'Anonymous'.

can any one help me?
Thanks a lot
Frank Xu Lei--????,????
Focus on Distributed Applications Development and EAI based on .NET
?????????????:Welcome to My Chinese Technical Blog
??????WCF??????:Welcome to Microsoft Chinese WCF Forum
??????WCF??????:Welcome to Microsoft English WCF Forum

Webservice, server was unable to process request error


System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Xml.XmlException: Data at the root level is invalid. Line 1, position 1.
   at System.Xml.XmlTextReaderImpl.Throw(Exception e)
   at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
   at System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace()
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XsdValidatingReader.Read()
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at BusinessObjects.OrderHelper.PlaceOrder(String StrorderXml) in C:\Documents and Settings\mchinta\My Documents\Visual Studio 2008\Projects\CcbApp\BusinessObjects\OrderHelper.cs:line 63
   at IServiceReference.IOrder.PlaceOrder(String orderXml) in C:\Documents and Settings\mchinta\My Documents\Visual Studio 2008\Projects\CcbApp\IServiceReference\IOrder.asmx.cs:line 24
   --- End of inner exception stack trace ---

Here is my XML

<?xml version='1.0' encoding='utf-8' ?><Order>Data</Order>

My S

The HTTP request is unauthorized with client authentication scheme 'Anonymous'.




I am receiving an error when i am callign the WCF service which is hosted in the IIS,


The HTTP request is unauthorized with client authentication scheme 'Anonymous'.The authentication header received from the server was 'Negotiate,NTLM' while calling service hosted in IIS.


Both check boxes are checkd in the properties->DirectorySecurity->Edit...

Anonymus and Integrated Windows.


Can anybody help me regarding thsi issue...






A potentially dangerous Request.Form value was detected from the client


I know this has been discussed already but my problem isn't the error itself. My problem is I am including [ValidateInput(false)] above my ActionResult and I still receive this error when I click submit. Is there something somewhere else overriding this command?

Here is what the code looks like.

[Authorize(Roles = "Administrator")]
        public ActionResult Create(FormCollection Form)

[Authorize(Roles = "Administrator")]



HttpContext.Session A potentially dangerous Request.QueryString value was detected from the client


I have an ashx handler that was working fine in VS2008 but when I upgraded to VS2010 (haven't gone back to VS2008 to double check though) and when I try to grab the value from HttpContext.Request.Params["update"] I get the following error:

+ ex {"A potentially dangerous Request.QueryString value was detected from the client (update=\"<SETIProducts><Produ...\")."} System.Exception {System.Web.HttpRequestValidationException}

"A potentially dangerous Request.QueryString value was detected from the client (update=\"<SETIProducts><Produ...\")."} System.Exception {System.Web.HttpRequestValidationException}

I've read that I can set the validateRequest to false, but I was wondering about the impacts and looking for any other suggestions. 

I know very little about security when it comes to web programming but I thought I should mention that my handler will be running on a internal file server but transmitting data to/from an eCommerce platfo

Fetch raw XML for SOAP request and response inside WCF client


I've got a basis WinForms test harness that's implementing a WCF client (.NET 3.5) which calls a SOAP web service.  I need to be able to write the HTTP request and response and output the two XML documents so I can load them back into WebBrowser controls on the form.

It looks like the way to accomplish this is to implement a custom IClientMessageInspector and an IEndpointBehavior, apply the behavior to the binding and then do the work of capturing the XML inside AfterReceiveReply and BeforeSendRequest (inside IClientMessageInspector implementation).

So my questions are:

1. This seems like a rather exhaustive process, is there a more straightforward approach to doing this? 

2.  If I am on the right path, does anyone have links to related articles/code samples related to this?

3. In what I have coded so far, I am held up trying to get the behaviorExtension to register properly (inside app.config), it looks as if I must register my classes that implement behavior Extenshions in the GAC in order to make use of them, is this true? 

Thanks in advance for taking time away to help a fellow developer!

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend