Hi everyone.
My web application wants to take advantage of an encrypted
authentication cookie that's provided by another application on the
same server. The cookie is visible on the client side, but when I
invoke a method on my web service no cookies are visible.
For example, here is the relevant code in an example Javascript
client:
var o = new ActiveXObject(" MSXML2.XMLHTTP" );
o.open("POST"," http://localhost/Example/Service1.asmx", false);
o.setRequestHea der("Content-Type", "text/xml");
o.setRequestHea der("SOAPAction ", "http://tempuri.org/HelloWorld");
o.setRequestHea der("Cookie", "foo=bar; baz=quux");
o.setRequestHea der("Cookie", "foo=bar; baz=quux");
o.setRequestHea der("FOO", "BAR");
var msg = "<soap:Enve lope xmlns:xsi='http ://www.w3.org/2001/XMLSchema-
instance' xmlns:xsd='http ://www.w3.org/2001/XMLSchema'
xmlns:soap='htt p://schemas.xmlsoap .org/soap/
envelope/'><soap:Body><H elloWorld xmlns='http://tempuri.org'></
HelloWorld></soap:Body></soap:Envelope>" ;
o.send(msg);
alert (o.responseXML. xml);
And here is the relevant code in the C# method it calls:
[WebMethod]
public string HelloWorld()
{
return "Hello World! There are " +
Context.Request .Cookies.Count. ToString() + " cookies! Your FOO header
is " + Context.Request .Headers["FOO"] + " but your Cookies header is "
+ Context.Request .Headers["COOKIES"];
}
What I get back in the alert message indicates zero cookies and a
completely empty Cookies header, but the FOO header comes through with
the "BAR" content. So it seems that something is stripping the Cookies
header from my request.
My multipart question: Is there some feature of the .NET Framework
that prevents cookies from coming through? Or is it the XMLHTTP client-
side object? Or am I missing the point entirely?
Please post solutions, commiseration, war stories, and pointers to
documentation. Thanks in advance.
Mark W. Schumann
Some Guy on Bridge Avenue
My web application wants to take advantage of an encrypted
authentication cookie that's provided by another application on the
same server. The cookie is visible on the client side, but when I
invoke a method on my web service no cookies are visible.
For example, here is the relevant code in an example Javascript
client:
var o = new ActiveXObject(" MSXML2.XMLHTTP" );
o.open("POST"," http://localhost/Example/Service1.asmx", false);
o.setRequestHea der("Content-Type", "text/xml");
o.setRequestHea der("SOAPAction ", "http://tempuri.org/HelloWorld");
o.setRequestHea der("Cookie", "foo=bar; baz=quux");
o.setRequestHea der("Cookie", "foo=bar; baz=quux");
o.setRequestHea der("FOO", "BAR");
var msg = "<soap:Enve lope xmlns:xsi='http ://www.w3.org/2001/XMLSchema-
instance' xmlns:xsd='http ://www.w3.org/2001/XMLSchema'
xmlns:soap='htt p://schemas.xmlsoap .org/soap/
envelope/'><soap:Body><H elloWorld xmlns='http://tempuri.org'></
HelloWorld></soap:Body></soap:Envelope>" ;
o.send(msg);
alert (o.responseXML. xml);
And here is the relevant code in the C# method it calls:
[WebMethod]
public string HelloWorld()
{
return "Hello World! There are " +
Context.Request .Cookies.Count. ToString() + " cookies! Your FOO header
is " + Context.Request .Headers["FOO"] + " but your Cookies header is "
+ Context.Request .Headers["COOKIES"];
}
What I get back in the alert message indicates zero cookies and a
completely empty Cookies header, but the FOO header comes through with
the "BAR" content. So it seems that something is stripping the Cookies
header from my request.
My multipart question: Is there some feature of the .NET Framework
that prevents cookies from coming through? Or is it the XMLHTTP client-
side object? Or am I missing the point entirely?
Please post solutions, commiseration, war stories, and pointers to
documentation. Thanks in advance.
Mark W. Schumann
Some Guy on Bridge Avenue
Comment