axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject RE: Calling a secure Axis web service with .net client
Date Fri, 24 May 2002 13:01:30 GMT
I had similar problem with the .NET client because in by back-end server
(JBoss, web service implemented as an EJB) I enabled a default identity to
be used for unauthenticated user.
To make it short, it seems that the .NET client will not send any
user/password in the HTTP header (Authentication HTTP header) until it
receives a request for authentication. Your server must deny the first
request sent from the .NET client. When doing that, it is supposed, in the
deny response, to send a WWW-Authenticate header to the client, which will
try the request again and that time with the Authentication header (which
will contain user/password).
Use the tcpmon of Axis to see what is going on at the HTTP level. As long as
your server will not send back any WWW-Authenticate header, the .NET client
will not send the Authentication header (or at least that is the behavior I

 -----Original Message-----
From: Vidyanand Murunikkara []
Sent: Friday, May 24, 2002 2:42 AM
Subject: RE: Calling a secure Axis web service with .net client

Hi thomas
I was doing exactly what you had suggested in your mail. But then for some
reason the username and password are not being sent as an header. The only
way i could add a header was to override the GetWebRequest() method and then
add any header i wanted to add. But i guess there must be some way to do it
directly without taking such pain.
Do you think I might be missing something here ?
Thanks for your time.

-----Original Message----- 
Sent: Mon 5/20/2002 6:56 PM 
Subject: RE: Calling a secure Axis web service with .net client

Have a look to what I sent earlier in the mailing list but something like
that should do it (FirstServiceService is the C# generated for my service
when I do the add web reference):

firstService = new FirstService.FirstServiceService ();

                                firstService.Url =
                // I am not 100% since documentation is not very clear, but
it seems that without the 
                // PreAuthenticate, every operation call will always be two
HTTP requests: one without 
                // the Authentication header (then a WWW-Authenticate header
is returned in the access 
                // denied), then a second request with the Authentication
header. I was hoping that this 
                // will also do the trick to be able to use the
unauthenticatedIdentity of JBoss, but the 
                // first request still expect the WWW-Authenticate header
before sending the Authentication 
                // one. 
                                firstService.PreAuthenticate = true; 
                                firstService.Credentials = new
NetworkCredential (userName, userPassword); 

-----Original Message----- 
From: Vidyanand Murunikkara [
<> ] 
Sent: Monday, May 20, 2002 7:53 PM 
Subject: Calling a secure Axis web service with .net client 


i have a Web service running using Axis. I have turned on HTTP
Authentication for this. So the only way i can access this service( verified
using some handlers ) is to have a username and password .

If i have a client generated using axis then in the Client stub i can set
the Username and password. 

But does anyone know how i can access this web service from a .net client. I
havent been able to figure out a way to set the username and password
headers required for the web service in .net. ( I am using C# clients ).

Thanks for looking into this. 

View raw message