Home/ Questions/Q 6251655
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T13:39:16+00:00

I am working on a .NET 2.0 winforms application that calls an ASP.NET 2.0

  • 0

I am working on a .NET 2.0 winforms application that calls an ASP.NET 2.0 website. The website is authenticated using forms authentication. The authentication service is enabled in the web.config, and I have done some experiments to confirm that I can access the service via JSON.

Here is my question: is there any built-in code to consume the System.Web.Extensions web services (authenticationService, profileService, etc.) in a purely .NET environment (not ASP.NET)? I can find examples using Silverlight and the later WCF services, but not anything in a 2.0 environment on both client and server. Adding the authentication service as a web service seems like the logical approach, but I could never get it to work pointing to my development server – I suppose that could be a separate question.

If I have to manage the AJAX request and response at a lower level, it’s certainly doable, but if something were already intended for this purpose it would certainly be easier and less error-prone.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I never got an answer for this, but eventually figured it out with the help of this tutorial. The short answer was yes, I had to manage the AJAX request/response at a fairly low level. Assuming you have a username and password you need to authenticate with, you first need to get an authentication cookie for it. I used the Json.NET library from Newtonsoft for the JSON serialization and deserialization, but you could use anything.

    Cookie GetFormAuthenticationCookie(string username, string password)
        {
            string uriString = ServerName + AUTH_SERVICE_URL;
            Uri uri = new Uri(uriString);

            // Need to cast this to HttpWebRequest to set CookieContainer property
            // With a null CookieContainer property on the request, we'd get an
            // empty HttpWebRequest.Cookies property
            HttpWebRequest request = WebRequest.Create(uri) as HttpWebRequest;
            request.Method = "POST";
            request.ContentType = "application/json; charset=utf-8";
            request.CookieContainer = new CookieContainer(); // needed to get non-empty Cookies collection back in response object

            // requestContents needs to look like this:
            // {
            //     username = 'theUserName',
            //     password = 'thePassword',
            //     createPersistentCookie = false
            // }
            string requestContents = GetJsonForLoginRequest(username, password);

            byte[] postData = Encoding.UTF8.GetBytes(requestContents);
            request.ContentLength = postData.Length;
            using (Stream dataStream = request.GetRequestStream())
            {
                dataStream.Write(postData, 0, postData.Length);
            }

            HttpWebResponse response = (HttpWebResponse)request.GetResponse();
            if (response.StatusCode != HttpStatusCode.OK)
            {
                throw new WebException("Response returned HttpStatusCode " + response.StatusCode);
            }

            // For now, assuming response ContentType is "application/json; charset=utf-8"
            object responseJson;
            using (Stream responseStream = response.GetResponseStream())
            {
                StreamReader reader = new StreamReader(responseStream);
                string responseString = reader.ReadToEnd();

                responseJson = JavaScriptConvert.DeserializeJson(responseString);
            }

            if (responseJson is bool)
            {
                bool authenticated = (bool)responseJson;
                if (authenticated)
                {
                    // response was "true"; return the cookie
                    return response.Cookies[".ASPXFORMSAUTH"];
                }
                else
                {
                    // apparently the login failed
                    return null;
                }
            }
            else
            {
                return null;
            }
        }

    Next, add the cookie to subsequent requests. In my case, that meant adding the cookie to the CookieContainer of the web service proxy I was using.

    • 0