Form Authentication and XmlDocument.Load

Question

I\'m running an asp.net web application with c#. The following is used: - Windows 2003 server - IIS6.0 - .net Framework 2.0.50727

I\'m trying to implement Forms Authent

Answer 1

if you are using forms authentication, even if you are already logged in, xmlDocument is going to the loging page first. This page is not an XML file. Hence the exception. I saw a suggestion that this could work:

void Main()
{
    XmlUrlResolver resolver = new XmlUrlResolver();
    resolver.Credentials = CredentialCache.DefaultCredentials;

    var x = new XmlDocument();
    x.XmlResolver = resolver;
    x.Load("https://yourUrl");
}

It sounds like a good advice but i could not get it work. I will try to get the xml using a web request instead. Because when I use a web browser, the xml is returned without needing to log on again through forms authentication.

---

Finally found the solution. As I explained this is due to using forms authentication. I was thinking once HTTPS is established all communication from the application will have authorization automatically. However, calls to back-end applications require authentication. That is why instead of getting back the xml I was getting an html page which is the login page. I managed to bypass the forms authentication by adding the authentication cookie as below:

var httpCookie = FormsAuthentication.GetAuthCookie(context.User.Identity.Name, false);
var cookie = new Cookie(httpCookie.Name, httpCookie.Value, httpCookie.Path, HttpContext.Current.Request.Url.Host);
var rq = (HttpWebRequest) WebRequest.Create(url);
rq.CookieContainer = new CookieContainer();
rq.CookieContainer.Add(cookie);
var rs = (HttpWebResponse) rq.GetResponse();                
var strm = rs.GetResponseStream();
var rdr = new StreamReader(strm);
var str = rdr.ReadToEnd();
var userDetails = new XmlDocument();                
userDetails.LoadXml(str);