Freigeben über

400 Error from WebService using .NET 2.0 and PreAuthenticate

  • Artikel

Prashant from my team found this interesting issue.  I will blog it here until the KB comes out on this.

Problem
======
WebService server responds back with a HTTP 400 error when using PreAuthenticate on the WebServiceProxy class.  This results in a System.Net.WebException: “The request failed with HTTP status 400: Bad Request”

Symptoms
=============================
Consuming a WebService that uses Basic Authentication from a .Net 2.0 client through a Proxy using NTLM authentication the WebService server responds back with a HTTP 400 error message.  This happens only when using the PreAuthenticate property of the proxied WebService class.

Cause
=============================
When the client uses the PreAuthenticate property, the client tries to re-negotiate the NTLM handshake with the Proxy. When the Proxy sees that the connection has already been authenticated, it simply ignores the re-negotiation and forwards a blank request - with Content-Length: 0 to the server. The server expects a valid Content-Length followed by a soap-envelope which it never receives and hence responds back with a HTTP 400: Bad Request response.

Resolution
=============================
Do not set the HttpWebRequest.PreAuthenticate property (set it to false) when calling the Webservice with the above configuration.  By default, the PreAuthenticate is turned off and set to false.

Comments

  • Anonymous
    October 17, 2007
    PingBack from http://www.soundpages.net/computers/?p=2708

  • Anonymous
    May 26, 2008
    Hi. When you write Proxy do you mean an ISA Server? We experience this problem in a similar context: We have a Win XP .NET 2.0 GUI appliction using web service proxies communicating with integrated windows security towards Web services (proxy services) running on a W2K3  which again flows through an ISA Server towards actual back-end Web services (here we use anonymous access). This fails with or without setting PreAuthenticate to false or true with HTTP 400 - "server cannon clear headers" message.  The client has the basic .NET 2.0 run time redistributable while the servers have .NET 2.0 with service pack 1. Any suggestions? Tx. Bjorn

  • Anonymous
    May 27, 2008
    I would suggest you contact Microsoft Support.  http://support.microsoft.com