Has anyone had success with using the new framework on Windows (7/8.1/10) desktop app with accessing a secure site? Any tips and/or tricks I should know of?
My AuthenticationRequired event is firing, I’m setting the correct realm, login and password and returning true, but I still receive a 401 AuthenticationRequired HTTPstatus error.
Any help and/or ideas appreciated.
I’m trying to access a site where the info from that site is manually entered in my apps database, and I want to automate that further if possible.
“Secure” site generally means one behind SSL. The ‘AuthenticationRequired’ event represents basic authentication which is just a HTTP header. You could create that header yourself and add it to the request before you send it off. This way you can determine if it’s the server, the client, or the client event that is failing you.
Phillip, thanks for your reply. I’ve tried that. Using a HTTP header tool attached to Chrome, I can confirm that the site expects"LDAP Username/Password" and use the following:
dim s as string = "Basic " + EncodeBase64("username:password", 0)
MySocket.RequestHeader("Authorization") = s.ToText
MySocket.Send("GET", myURL)
If we are talking about a Windows server I often had to use “domain\username” when logging in via browser prompt. Are you passing in “domain\username:password”?
[quote=320358:@Phillip Zedalis]If we are talking about a Windows server I often had to use “domain\username” when logging in via browser prompt. Are you passing in “domain\username:password”?
Hopefully this is for an internal network or behind SSL as basic authentication leaks. passwords very easily.[/quote]
Phillip, no this is an external state government site which I access at work through a proxy, but can also access it at home. I’ve only tried it from home at this stage. I’ll deal with the proxy issues if any later.
Sorry to resurrect an old thread, but I’ve just run into this myself. It seems like Xojo.Net.HTTPSocket on Windows will fire the AuthenticationRequired event, and then PageReceived with both the authorized and unauthorized content concatenated together. Works correctly on Mac.
Update: Yeah, this is infuriating. Tried putting the username and password into the url. That works on the Mac, and has the benefit of reducing the number of requests required. It does not work on Windows, the header is not included in the request. And since the new framework does not have Base64, there’s no way to compute the header manually.
Yes, setting the header manually works. I had to write an EncodeBase64 method, along with ShiftLeft and ShiftRight for the new framework to do it though, to keep the code cross-platform. Sometimes I really love the new framework…
Edit: ShiftLeft and ShiftRight are single-line methods, so its not really a big deal. But I find it absurd that these don’t exist in the new framework.
Yes iOS. Plus there’s a sense of future-proofing. I try to write code that isn’t deprecated as I write it. And we don’t know which new platforms in the future will require new framework either.
That’s my point. I can expect that new platforms will allow me to use the new framework. There is currently one platform that requires I use it. I can safely assume that any new platforms will not require the classic framework. So if I want to write future-proof code, I need to use the new framework. It’s the only framework I can safely assume will work with all projects current and future.