Hi everyone,
We developped a WebService with Visual Studio .Net and we faced an
authentication problem with a java client. My assumption is that this
is because cookies passed from client are misunderstood by the
framework.
Basically, these are the headers received from the client (I used a
packet sniffer to know exactly what we received from him before the
framework modifies it):
=============== =============== =============== ============
POST /webservices/csaccessservice s.asmx HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml,...(tr uncated for clarity)
User-Agent: Axis/1.2.1
Cache-control: no-cache
Pragma: no-cache
SOAPAction: "http://cedrom-sni.com/schema/WhoAmI"
Content-Length: 308
Authorization: Basic Y253ZG5hMTNFXzE 6Y253ZG5FMQ==
Cookie: ASP.NET_Session Id=xsigyd55n0nf 4q55kujvolzi
Cookie: IDENTITY=C2AC93 6CD45DE...(trun cated for clarity)
=============== =============== =============== ============
and this is what I have when I look at the headers and server variables
when entering Application_Beg inRequest method:
=============== =============== =============== ============
POST /webservices/csaccessservice s.asmx HTTP/1.0
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 308
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml,...(tr uncated for clarity)
Authorization: Basic Y253ZG5hMTNFXzE 6Y253ZG5FMQ==
Cookie: ASP.NET_Session Id=xsigyd55n0nf 4q55kujvolzi, IDENTITY=C2A...
User-Agent: Axis/1.2.1
SOAPAction: "http://cedrom-sni.com/schema/WhoAmI"
=============== =============== =============== ============
As you can see, cookies have been merged on a single line. If it
worked, I wouldn't care about it, but it isn't. When I look at
Context.Request .Cookies object provided by the framework, I see that
there is only one cookie! It's name is ASP.NET_Session Id (the first
cookie) and it's value is the IDENTITY-value (C2A...)!!! So it seems
like the framework doesn't parse correctly the cookies, but I don't
know why??? It doesn't see the second cookie but it takes the second
cookie's value and associate this value with the first cookie. This is
kind of weird!!!
When I ask for the value of
Context.Request .ServerVariable s["HTTP_COOKI E"], the entire line is
returned.
I was able to reproduce this strange behavior by calling our webservice
using System.Net.WebR equest with a POST method. The cookies were on a
single line and separated by "," and they cookies were parsed by the
framework exactly the same way they are when called from java.
I know that if I call this webservice from a .Net client with
WebReferences it works well, but there is a slight difference between
the calls: cookies are separated by ";" instead of ",".
Any hint or help would be appreciated.
Thanks
Karl
We developped a WebService with Visual Studio .Net and we faced an
authentication problem with a java client. My assumption is that this
is because cookies passed from client are misunderstood by the
framework.
Basically, these are the headers received from the client (I used a
packet sniffer to know exactly what we received from him before the
framework modifies it):
=============== =============== =============== ============
POST /webservices/csaccessservice s.asmx HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml,...(tr uncated for clarity)
User-Agent: Axis/1.2.1
Cache-control: no-cache
Pragma: no-cache
SOAPAction: "http://cedrom-sni.com/schema/WhoAmI"
Content-Length: 308
Authorization: Basic Y253ZG5hMTNFXzE 6Y253ZG5FMQ==
Cookie: ASP.NET_Session Id=xsigyd55n0nf 4q55kujvolzi
Cookie: IDENTITY=C2AC93 6CD45DE...(trun cated for clarity)
=============== =============== =============== ============
and this is what I have when I look at the headers and server variables
when entering Application_Beg inRequest method:
=============== =============== =============== ============
POST /webservices/csaccessservice s.asmx HTTP/1.0
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 308
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml,...(tr uncated for clarity)
Authorization: Basic Y253ZG5hMTNFXzE 6Y253ZG5FMQ==
Cookie: ASP.NET_Session Id=xsigyd55n0nf 4q55kujvolzi, IDENTITY=C2A...
User-Agent: Axis/1.2.1
SOAPAction: "http://cedrom-sni.com/schema/WhoAmI"
=============== =============== =============== ============
As you can see, cookies have been merged on a single line. If it
worked, I wouldn't care about it, but it isn't. When I look at
Context.Request .Cookies object provided by the framework, I see that
there is only one cookie! It's name is ASP.NET_Session Id (the first
cookie) and it's value is the IDENTITY-value (C2A...)!!! So it seems
like the framework doesn't parse correctly the cookies, but I don't
know why??? It doesn't see the second cookie but it takes the second
cookie's value and associate this value with the first cookie. This is
kind of weird!!!
When I ask for the value of
Context.Request .ServerVariable s["HTTP_COOKI E"], the entire line is
returned.
I was able to reproduce this strange behavior by calling our webservice
using System.Net.WebR equest with a POST method. The cookies were on a
single line and separated by "," and they cookies were parsed by the
framework exactly the same way they are when called from java.
I know that if I call this webservice from a .Net client with
WebReferences it works well, but there is a slight difference between
the calls: cookies are separated by ";" instead of ",".
Any hint or help would be appreciated.
Thanks
Karl