Home/ Questions/Q 9188985
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T20:08:35+00:00

I have a simple ASP.NET MVC site with a single controller and some actions

  • 0

I have a simple ASP.NET MVC site with a single controller and some actions in it. A user needs to log in to access any action (Windows Authentication, ‘Authorize’ attribue on the controller class).

When accessing the site via a browser everything works fine.

On the client, I would also like to access the site via System.Net.WebClient. I set the credentials and all actions that return a View work just fine.

But when I try to access an action that tries to make a redirect (using Controller’s Rediret() method) the server returns a 401 Unauthorized.

I’ve read about problems with WebClient and Windows authentication but the stuff I found does not seem to apply here, because everything works except for the redirects.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    So after some weeks I had some time to come back to this problem and as it turns out, it has nothing to do with ASP.NET at all and it’s WebClient’s fault.
    WebClient clears its credentials before following a redirect, so in this case the original request was successful but the error the occurred when WebClient tried to access the page it had been redirected to, because authentication is necessary for the target, too.

    Unfortunately, you cannot just toggle this behavior via a Property. So my solution looks like this.

    //Credentials necessary for the request(s)
var cred = new NetworkCredential(username, password);

//Create initial request
var request = (HttpWebRequest)WebRequest.Create(url);
request.AllowAutoRedirect = false;
request.Credentials = cred;

//Get response to first request
var response = (HttpWebResponse)request.GetResponse();

//Follow redirects
while (response.StatusCode == HttpStatusCode.Redirect && maxRedirects > 0)
{
    //Build new URI for redirect target
    var uri = response.ResponseUri;
    url = String.Format("{0}://{1}:{2}{3}", uri.Scheme, uri.Host, uri.Port, response.GetResponseHeader("Location"));    

    //Create new request
    request = (HttpWebRequest)WebRequest.Create(url);
    request.AllowAutoRedirect = false;
    request.Credentials = cred;

    //Get new response
    response = request.GetResponse() as HttpWebResponse;

    maxRedirects--;
}

//Get the response's content
var sReader = new StreamReader(response.GetResponseStream());
string responseStr = sReader.ReadToEnd();

    Instead of using WebClient, I’m using HttpWebRequest and HttpWebResponse and follow the Redirect manually. Before making the request, I set the credentials necessary to complete the request

    • 0