Search code examples
c#basic-authenticationssrs-2012http-status-code-401http-status-code-400

C# -HttpWebRequest returns 400 Bad request when connecting to Report Server programmatically

I am programmatically making a Http Web Request to Report Server from a asp net web page which is present in another remote machine for downloading the report (URL Access - SSRS)

when I directly type in the URL, browser asks me the credentials, and when I type in the credentials the report gets downloaded automatically in browser, but when I programmatically make the request, I get the below mentioned errors.

C# code :

string username="abc", password="123";
string url = @"http://ServerName/ReportingPath&Parameter1=123&rs:Format=PDF";
String encoded = System.Convert.ToBase64String(System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes(username + ":" + password));                
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);                
request.Headers.Add("Authorization", "Basic " + encoded);
request.PreAuthenticate = true;
request.UserAgent = "Mozilla/4.0 (compatible; MSIE 11.0; Windows NT 6.0; WOW64; " +
                "Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; " +  ".NET CLR 3.5.21022; .NET CLR 3.5.30729; .NET CLR 3.0.30618; " +
                "InfoPath.2)";                
HttpWebResponse response = (HttpWebResponse)request.GetResponse();

I get a HTTP 400-bad-request when I supply username as "domain/abc" or "abc@domain", and It also comes when I place this statement

request.Credentials = new NetworkCredential(username,password,domain);

instead of line-> 

request.Headers.Add("Authorization", "Basic " + encoded);

If I supply username simply, stripping the domain, like username="abc", I get 401-Unauthorised error.

I don't get either of the errors 400 or 401 when I type in URL in the internet browser. I specify username as "domain/abc" and password as "123", when it asks for credentials

My webConfig file of report server is like this.. 

<Authentication>
<AuthenticationTypes>
        <RSWindowsBasic/>
</AuthenticationTypes>
<RSWindowsExtendedProtectionLevel>Off</RSWindowsExtendedProtectionLevel>
<RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
<EnableAuthPersistence>true</EnableAuthPersistence>
</Authentication>

Any help on this will be appreciated.

Solution

  • Can you try to set url as http://abc:123@ServerName/ReportingPath&Parameter1=123&rs:Format=PDF and without authentication.

    It's part of basic authentication in HTTP.