Clever Geek Handbook

.Net web request through proxy, auto-detect credentials

I spent some time through the articles on this site to find exactly what I am trying to accomplish, but no luck so far. I am making a web request in my client application and I want to make sure it works through a proxy. I have set up Fiddler2 to act as a proxy for testing and I am forcing it to require authentication.

I basically figured out how to use a proxy:

    Dim proxy As IWebProxy = WebRequest.GetSystemWebProxy()
    webService.Proxy = proxy

I also tried to get the correct credentials for the proxy

    webService.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials

and also adding it to app.config in the config section:

    <system.net>
        <defaultProxy useDefaultCredentials="true" />
    </system.net>

In both cases I get the same web exception:

    The request failed with HTTP status 407: Proxy Auth Required.

Fiddler2 proxy has username 1 and password 1, and if I give them as credentials to request programmatically, the request is successfully authenticated. However, is there a reason why it cannot grab credentials from IE in the same way it grabs proxy information?

Is Fiddler proxy an exception to how this works? Will a regular proxy using Windows Authentication be fine with the methods I tried to get the credentials and is there a way I can easily verify?

+3


source to share


1 answer


Most, but not all, proxy servers that require authentication use the current Windows user credentials. As a consequence, DefaultCredentials are commonly used.

Having said that, it's possible that the proxy will require user credentials (for example, Fiddler wants "1: 1") and when that happens, there is no way your code really knows what those credentials are. You might be lucky enough to ask CredMan to find out if there are stored credentials for the target proxy scope, but that often won't work (assuming it ever does). You can't "ask IE" for credentials at all, because it generally doesn't save storage; instead, it asks the user for them on the first request for a session and stores them in memory for the lifetime of that session.



If you expect your software to run in an environment with such a proxy, you should catch the HTTP / 407 response and ask the user for their proxy credentials, which you can manually add to the request on restart.

See my IEInternals post for a discussion of this topic.

+2


source






More articles:


All Articles