Why do .NET web request classes re-run requests without authentication headers?_问答_开发者

Why do .NET web request classes re-run requests without authentication headers?

开发者 https://www.devze.com 2023-01-08 20:22 出处：网络

I\'m writing a WPF test application against a WCF REST service running on Azure local development fabric with a custom Basic Authentication provider.

I'm writing a WPF test application against a WCF REST service running on Azure local development fabric with a custom Basic Authentication provider.

When the test client makes a call, using either WebClient or HttpWebRequest, it passes the authorization header and the custom provider authenticates it. The service then receives the same request again but without the authentication header. This is all happening within a single call to either request.GetResponse or webClient.DownloadString.

Please help, I'm going mad.

Client code:

using (var client = new WebClient())
{
    client.Headers.Add(HttpRequestHeader.Authorization, "Basic " +
        Convert.ToBase64String(Encoding.ASCII.GetBytes(UserName + ":" + Password)));
    try
    {
        ResponseText = client.DownloadString(BaseAddress + "/" + MethodCall);
    }
    catch (WebException ex)
    {
        ResponseText = ex.Message + Environment.NewLine + Environment.NewLine + ex;
    }
}

(This version is setting the Authorization header directly because setting Credentials with WebClient didn't seem to work at all.)

EDIT: Fiddler is showing that the initial call is getting a 307 redirect, probably because of the Azure dev fabric. Are the .NET web classes too stupid to resend the Authorization header on 开发者_如何转开发a redirect?

And the answer is, WebClient requires a / on the end of the URL. (fail)