Hello,
The following code does not authenticate the username and password in the IE web browser once I have deployed the Web API application. I cannot figure out the reason. I have tried debugging the live (uploaded via FTP) authentication using Fiddler and was able to capture the raw messages below from different web browsers.
Could anyone please help me understand what the messages below mean?
Many Thanks
firefox:
GET http://xxxx.xxxx.com/api/values HTTP/1.1
Host: xxxx.xxxxx.com
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: __utma=160871039.470048631.1389004711.1389004711.1389004711.1; __utmc=160871039; __utmz=160871039.1389004711.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
Connection: keep-alive
explorer:
GET http://#####.######.com/api/values HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-GB
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MDDCJS)
Accept-Encoding: gzip, deflate
Host: ####.#####.com
Cookie: __utma=160871039.1791605041.1363174995.1374568675.1374856696.5; __utmz=160871039.1363174996.1.2.utmcsr=bing|utmccn=(organic)|utmcmd=organic|utmctr=######; __qca=P0-637394059-1363174995765
Connection: Keep-Alive
Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAvAjAAAADw==
DNT: 1
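/// <summary>
/// Message handler that reads HTTP Basic credentials from the Authorization header,
/// asks <see cref="PrincipalProvider"/> to build a principal from them, and adds a
/// "WWW-Authenticate: Basic" challenge to 401 responses that do not already carry one.
/// </summary>
/// <remarks>
/// Basic credentials are only base64-encoded, not encrypted. This handler does not check
/// that the request arrived over HTTPS, so transport protection has to be enforced elsewhere.
/// </remarks>
public class BasicAuthenticationMessageHandler : DelegatingHandler
{
    private const string BasicAuthResponseHeader = "WWW-Authenticate";
    private const string BasicAuthResponseHeaderValue = "Basic";

    /// <summary>Turns a username/password pair into the principal for the request.</summary>
    public IProvidePrincipal PrincipalProvider { get; set; }

    /// <summary>
    /// Authenticates the request when it carries a Basic Authorization header, then forwards
    /// it to the inner handler and decorates an unauthorized response with a Basic challenge.
    /// </summary>
    /// <param name="request">The incoming HTTP request.</param>
    /// <param name="cancellationToken">Token passed through to the inner handler.</param>
    /// <returns>A task producing the response from the inner handler.</returns>
    protected override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request,
        CancellationToken cancellationToken)
    {
        AuthenticationHeaderValue authValue = request.Headers.Authorization;

        // Only a "Basic" header is treated as credentials. A client may send another scheme
        // (for example "Negotiate"); its token must not be decoded as "username:password".
        if (authValue != null
            && String.Equals(authValue.Scheme, BasicAuthResponseHeaderValue, StringComparison.OrdinalIgnoreCase)
            && !String.IsNullOrWhiteSpace(authValue.Parameter))
        {
            Credentials parsedCredentials = ParseAuthorizationHeader(authValue.Parameter);
            if (parsedCredentials != null)
            {
                // NOTE(review): only Thread.CurrentPrincipal is set here. When the API is
                // web-hosted, confirm whether the host's request user must be set as well.
                Thread.CurrentPrincipal = PrincipalProvider
                    .CreatePrincipal(parsedCredentials.Username, parsedCredentials.Password);
            }
        }

        return base.SendAsync(request, cancellationToken)
            .ContinueWith(task =>
            {
                var response = task.Result;

                // Ask the client for Basic credentials unless a challenge header is already set.
                if (response.StatusCode == HttpStatusCode.Unauthorized
                    && !response.Headers.Contains(BasicAuthResponseHeader))
                {
                    response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
                }

                return response;
            });
    }

    /// <summary>
    /// Decodes the base64 parameter of a Basic Authorization header into credentials.
    /// </summary>
    /// <param name="authHeader">The base64 text that follows the scheme name.</param>
    /// <returns>
    /// The parsed credentials, or <c>null</c> when the value is not valid base64, has no
    /// ':' separator, or has an empty username or password.
    /// </returns>
    private Credentials ParseAuthorizationHeader(string authHeader)
    {
        byte[] raw;
        try
        {
            raw = Convert.FromBase64String(authHeader);
        }
        catch (FormatException)
        {
            // The header comes from the client; malformed base64 is a failed authentication,
            // not an unhandled exception.
            return null;
        }

        // NOTE(review): ASCII decoding is kept from the original; non-ASCII characters in
        // credentials will not survive it. Confirm the expected charset with the clients.
        string decoded = Encoding.ASCII.GetString(raw);

        // Split on the first ':' only, so a password that itself contains ':' is kept whole.
        int separator = decoded.IndexOf(':');
        if (separator <= 0 || separator == decoded.Length - 1)
        {
            return null;
        }

        return new Credentials()
        {
            Username = decoded.Substring(0, separator),
            Password = decoded.Substring(separator + 1),
        };
    }
}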