Home/ Questions/Q 6039697
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T06:24:26+00:00

I have a web service created using Apache CXF, and two .NET clients using

  • 0

I have a web service created using Apache CXF, and two .NET clients using Web References (not Service References). The compact framework client works, but the .NET 4.0 desktop client only works when talking to localhost. Here’s the client setup:

        var client = new Permission.Permission();
        client.Credentials = new NetworkCredential(username, password);
        client.PreAuthenticate = true;
        client.Url = url + "/Permission";

If url is http://localhost:8080/ the call succeeds, but if it is http://127.0.0.1:8080 the call fails with an error 401. For some reason the generated client code stops at the 401 response, and does not send the username and password.

Edit: I’ve found the culprit, but I don’t know the final answer. Visual Studio has inserted this section into the app.config file:

<applicationSettings>
    <MyService.Properties.Settings>
        <setting name="MyService_Permission_Permission" serializeAs="String">
            <value>http://localhost:8080/api/Permission</value>
        </setting>
    </MyService.Properties.Settings>
</applicationSettings>

The authentication works if I change the app.config to match the required URL. So my key question is: how does my code command the generated client to switch to a different instance of the web service, without editing app.config and restarting?

For further background, when I move the service code to another machine Wireshark shows the following sequence:

  1. Service to client:

     HTTP/1.1 100 Continue\r\n

  2. Client to Service:

     POST /api/Permission HTTP/1.1
 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 4.0.30319.225)
 VsDebuggerCausalityData: uIDPo8B4pxEyITVOlb6i18R2juMAAAAACwClY0YyykuVhoiZKG7oEPZ1kukkB6NLnxx6RVnHjT8ACQAA
 Content-Type: text/xml; charset=utf-8
 SOAPAction: ""
 Host: xxxxxx:8080
 Content-Length: 307
 Expect: 100-continue

  3. Service to Client:

     HTTP/1.1 401 Unauthorized
 Content-Length: 0
 content-type: text/xml; charset=utf-8
 Expect: 100-continue
 Host: xxx:8080
 SOAPAction: ""
 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 4.0.30319.225)
 VsDebuggerCausalityData: uIDPo8B4pxEyITVOlb6i18R2juMAAAAACwClY0YyykuVhoiZKG7oEPZ1kukkB6NLnxx6RVnHjT8ACQAA
 WWW-Authenticate: Basic realm=realm
 Server: Jetty(6.1.25)

  4. At the point the client should repeat the POST with basic authentication header added, but instead it stops.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’ve tracked down the answer. The hostname localhost is magic in a Web Reference. Inside the generated code lives this function:

        private bool IsLocalFileSystemWebService(string url) {
        if (((url == null) 
                    || (url == string.Empty))) {
            return false;
        }
        System.Uri wsUri = new System.Uri(url);
        if (((wsUri.Port >= 1024) 
                    && (string.Compare(wsUri.Host, "localHost", System.StringComparison.OrdinalIgnoreCase) == 0))) {
            return true;
        }
        return false;
    }
}

    By changing my app.config to default to 127.0.0.1, I bypass the special behaviour for authentication of local web services.

    The moral of this story: don’t use localhost in the URL when developing a web reference client against a local instance of the service.

    • 0