Search code examples
c#asp.net-mvc-3authenticationwebclientnetworkcredentials

How to authenticate in an ASP.NET MVC application from a console application

I have a console application that sends a XML to a MVC application and receive another XML as a response. It works perfectly, but I want to add authorization (for obvious reasons).

Here is the code from the console application:

using (var wc = new WebClient())
{
    return GetXmlFromBytes(
        wc.UploadData("URL", GetBytesFromXml(xmlToSend))
    );
}

And here is the code from the MVC application:

public ActionResult DoSomething()
{
    XElement xml = XElement.Load(new System.IO.StreamReader(Request.InputStream));
    var response = InsertDataFromXml(xml);
    return File(GenerateFileFromResponse, "text/xml", "result.xml");
}

And it works. So, to implement the authorization, I added the following code:

Console (added the wc.Credentials):

using (var wc = new WebClient())
{
    wc.Credentials = new NetworkCredential("user", "password");
    return GetXmlFromBytes(
        wc.UploadData("URL", GetBytesFromXml(xmlToSend))
    );
}

MVC application (added the [Authorize]):

[Authorize]
public ActionResult DoSomething()
{
    XElement xml = XElement.Load(new System.IO.StreamReader(Request.InputStream));
    var response = InsertDataFromXml(xml);
    return File(GenerateFileFromResponse, "text/xml", "result.xml");
}

And it doesn't work. I don't know if this information is needed to solve this, but my web.config has the following item:

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>

In fact, the file that the MVC application sends back is the HTML of the LogOn page!

What do I have to do to solve this? Is any parameter missing in the NetworkCredentials? I know it can be instantiated with a domain, but I don't know what is the domain of the users in the MVC application.

And, just to make sure: I assured "user" and "password" are valid.

Solution

  • You're mixing credential types;

    wc.Credentials = new NetworkCredential("user", "password");

    is for HTTP authentication.

    <authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>

    is forms authentication.

    These are entirely different, and not compatible. Using forms authentication from a command line app is challenging, you'd need to go to the login page with a request, POST the username and password, then take the authentication cookie that is return and attach it to subsequent requests.