I have written a simple LightSwitch 2013 application that manages "customers" by adding a customer entity and let LightSwitch handle the attached SQL Server file. LightSwitch exposes the data with a restful service (ApplicationData.svc) that can be called like this:
https://somesite.azurewebsites.net/ApplicationData.svc/Customers
Now, I want to add another Windows 8 Universal App client application (Store and Phone), aside to the "included" HTML and Silverlight Desktop client. Therefore, I need to call the restful service programatically.
I struggle there with the forms authentication that I have enabled. So I try to log in programatically by code. I do not exactly know what is going on, I tried to analyze the traffic on the wire with fiddler. I see that there is a "LogIn.aspx" page called (GET), then a postback with the credentials filled out by the user is made (POST).
I always get an "401 - unauthorized" response.
My best guess looks like this:
var cookieContainer = new CookieContainer();
var clientHandler = new HttpClientHandler { CookieContainer = cookieContainer };
using (var client = new HttpClient(clientHandler))
{
client.BaseAddress = new Uri("https://somesite.azurewebsites.net");
// Get the login page
var loginGet = client.GetAsync("/LogIn.aspx").Result;
loginGet.EnsureSuccessStatusCode();
// Post-back to login page with credentials
var loginPost = client.PostAsync("/LogIn.aspx", new FormUrlEncodedContent(new Dictionary<string, string> {
{ "LoginUser$Username", "myname" },
{ "LoginUser$Password", "mypw"},
{ "LoginUser$LoginButton", "LOG+IN" },
})).Result;
loginPost.EnsureSuccessStatusCode();
// try to get the customers list via OData
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
// Getting a "401 - unauthorized" here:
var response = client.GetAsync("ApplicationData.svc/Customers").Result;
response.EnsureSuccessStatusCode();
}
Could someone kick me into the right direction?
PS: I know that if I wrote an .NET client, I could just use the "Lightswitch.ApplicationData" class to call the restful service seamlessly. This solution is suggested here:
authenticate Lightswitch Odata service that uses forms authentication
But in my case, I have a Windows 8 Universal App, so I cannot reference the "Server" assembly generated by LightSwitch, which is based on the .NET runtime.
So I finaly found it .... I was completely wrong by handling around with cookies ....
A lightswitch OData service with Forms authentication is exposed with Basic Authentication.
https://usernamme:[email protected]/ApplicationData/Customers
Be sure that you are using SSL of course!
See this article: Exposing LightSwitch Application Data