Click here to Skip to main content
12,998,391 members (58,724 online)
Click here to Skip to main content
Articles » Languages » C# » General » Downloads


49 bookmarked
Posted 27 Oct 2003

Generate Valid MSNP9 ClientTicket

This article shows you how to get a valid ClientTicket for connecting to a MSN server
// These are the numbers where the addresses wil appear in the arraylist
// it is not the niced solution, but it works a lot faster
// you can use some kind of IDictionary object to put the value behind a key name
public int DARREALM			= 0;
public int DALOGIN			= 1;
public int DAREG			= 2;
public int PROPERTIES			= 3;
public int GENERALDIR			= 4;
public int HELP				= 5;
public int CONFIGVERSION		= 6;

public ArrayList PassportUrls;

/// <summary>
/// This function asks a valid login adres, to connect to
/// </summary>
/// <returns>true if succeed</returns>
public bool GetLoginServerAddres()
	// Make a request to the server, this adresses are being used in the MSN messenger
	HttpWebRequest ServerRequest = (HttpWebRequest)WebRequest.Create("");
	// Get the result
	HttpWebResponse ServerResponse = (HttpWebResponse)ServerRequest.GetResponse();
	if (ServerResponse.StatusCode == HttpStatusCode.OK)
		string retrieveddata = ServerResponse.Headers.ToString();
		PassportUrls = new ArrayList();
		// Pick up the header en split
		string[] result = ServerResponse.Headers.Get("PassportURLs").Split(',');
		foreach (string s in result)
			// The actual adres is provided behind the '=' sign
			PassportUrls.Add(s.Substring(s.IndexOf('=') + 1));
		return true;
		return false;

/// <summary>
/// This function connects to a login server to request a valid ticket,
/// that will be used to login on the MSN servers
/// </summary>
/// <param name="Password">The password of the user, this is just plain text. The connection is HTTPS
/// <param name="Username">The complete username</param>
/// <param name="ChallengeString">A challenge string that you have got, wile connecting to a msn server
/// <returns>a valid ticket, that you send back to the server to get connected</returns>
public string GetClientTicket(string Password, string Username, string ChallengeString)
	// First get a valid login adres for the initial server
	if (GetLoginServerAddres())
		// On the position of DALOGIN is a valid URL, for login
		string uri = "https://" + PassportUrls[DALOGIN];

		HttpWebRequest ServerRequest;
		HttpWebResponse ServerResponse;
			while( true )
				Console.WriteLine("Connecting to:  " + uri);
				// Make a new request
				ServerRequest = (HttpWebRequest)HttpWebRequest.Create(uri);
				ServerRequest.AllowAutoRedirect = false;
				ServerRequest.Pipelined = false;
				ServerRequest.KeepAlive = false;
				ServerRequest.ProtocolVersion = new Version(1,0);
				// Send the authentication header
				ServerRequest.Headers.Add("Authorization", "Passport1.4 OrgVerb=GET,OrgURL=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in=" + Username.Replace("@", "%40") + ",pwd=" + Password + "," + ChallengeString + "\n");
				// Pick up the result
				ServerResponse = (HttpWebResponse)ServerRequest.GetResponse();

				// If the statuscode is OK, then there is a valid return
				if (ServerResponse.StatusCode == HttpStatusCode.OK)
					// Pick up the information of the authentications
					string AuthenticationInfo = ServerResponse.Headers.Get("Authentication-Info");
					// Get the startposition of the ticket id (note it is between two quotes)
					int startposition = AuthenticationInfo.IndexOf('\'');
					// Get the endposition 
					int endposition = AuthenticationInfo.LastIndexOf('\'');
					// Substract the startposition of the endposition
					endposition = endposition - startposition ;

					// Close connection

					// Generate a new substring and return it
					return AuthenticationInfo.Substring(startposition + 1, endposition -1 );
				// If the statuscode is 302, then there is a redirect, read the new adres en connect again
				else if (ServerResponse.StatusCode == HttpStatusCode.Found)
					uri = ServerResponse.Headers.Get("Location");
		catch (WebException e)
			// If the statuscode is 401, then an exeption occurs
			// Think that your password + username combination is not correct
			// return number so that calling functions knows what to do
			if (e.Status == WebExceptionStatus.ProtocolError)
				return "401";
				return "0";
	return "0";

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.


This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


About the Author

Paul Wijntjes (dominion99)
Software Developer (Senior) Traxion
Netherlands Netherlands
I am 27 year and live in the Netherlands. I have graduated in 2004, for the study Computer Science. After my study I have started working as a Technical Consultant in the Identity & Access management branch (

I have acquired my MCSE and MCSD certifications. Currently I developing a lot of cool things in .NET & Java, I'm also upgrading my certifications to .NET 2.0.

I am the main programmer for the product that we are developing within our company it's called the IM Sequencer (Formally known as the MIIS Sequencer). This product enables users to control the execution from the management agents in MIIS (Microsoft Identity Integration Server) or as it is called now ILM 2007 (Identity Lifecycle Manager 2007) it also generates extensive reports that contains all the results from the management agents that enables administrators to easily track down errors or failures.

Check out the products website There are allot of cool features implemented, is uses WMI to connect and communicate with MIIS \ ILM, threading to execute multiple agents, XSLT for reporting transformation, XML for configuration, WinForms for displaying and Win Service for the scheduler engine, very cool!

You can reach me at

You may also be interested in...

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.170622.1 | Last Updated 28 Oct 2003
Article Copyright 2003 by Paul Wijntjes (dominion99)
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid