如何更正ASP.NET中的Forms Authenticated WebRequest上的内部服务器错误500

时间:2014-10-21 15:51:09

标签: c# asp.net forms forms-authentication webrequest

这个问题似乎之前已经有过各种各样的问题,所以我会尝试在我的特定应用中简洁明了。

我们正在尝试在我们的Intranet上实现Lucene搜索索引器,该索引器正在对我们的域使用基于表单的身份验证(使用LDAP)。

我在线跟踪了一些例子,最终都指向500错误;但是,这个似乎有正确的方法:Forms Auth Test in C#

那就是说,我必须修改代码以反映我自己的登录表单和服务器地址:

HttpWebRequest request = null;
HttpWebResponse response = null;
StreamReader sr = null;

String originalUri = "http://localhost:18843/default.aspx";

// Request page protected by forms authentication.
// This request will get a 302 to login page
System.Diagnostics.Debug.WriteLine("Requesting : " + originalUri);
request = (HttpWebRequest)WebRequest.Create(originalUri);
request.AllowAutoRedirect = false;

response = (HttpWebResponse)request.GetResponse();
if (response.StatusCode == HttpStatusCode.Found)
{
   System.Diagnostics.Debug.WriteLine("Response: 302 ");
   System.Diagnostics.Debug.WriteLine(response.StatusCode);
}
else
{
   System.Diagnostics.Debug.WriteLine("Response status is " + response.StatusCode + ". Expected was Found");
}

// Get the url of login page from location header
String locationHeader = response.GetResponseHeader("Location");
System.Diagnostics.Debug.WriteLine("Location header is " + locationHeader);

// Request login page
String loginPageUrl = "http://localhost:18843" + locationHeader;
System.Diagnostics.Debug.WriteLine("Requesting " + loginPageUrl);
request = (HttpWebRequest)WebRequest.Create(loginPageUrl);
request.AllowAutoRedirect = false;

response = (HttpWebResponse)request.GetResponse();
if (response.StatusCode == HttpStatusCode.OK)
{
    System.Diagnostics.Debug.WriteLine("Response: 200 ");
    System.Diagnostics.Debug.WriteLine(response.StatusCode);
}
else
{
    System.Diagnostics.Debug.WriteLine("Response status is " + response.StatusCode + ". Expected was OK");
}

System.Diagnostics.Debug.WriteLine("Parsing login page to create post message");

sr = new StreamReader(response.GetResponseStream());
String loginResponse = sr.ReadToEnd();
sr.Close();

String eventTargetVar = "__EVENTTARGET=";
String eventTargetValue = "";
String eventArgumentVar = "__EVENTARGUMENT=";
String eventArgumentValue = "";

String viewStateVar = "__VIEWSTATE=";
String viewStateSearchString = "name=\"__VIEWSTATE\" id=\"__VIEWSTATE\" value=\"";
int viewStateStartIndex = loginResponse.IndexOf(viewStateSearchString);
loginResponse = loginResponse.Substring(viewStateStartIndex +    viewStateSearchString.Length);
String viewStateValue = Uri.EscapeDataString(loginResponse.Substring(0, loginResponse.IndexOf("\" />")));
loginResponse = loginResponse.Substring(loginResponse.IndexOf("\" />"));

String lcSearchStr = "input name=";
int lcSearchIndex = 0;

// Look for logon control id
// Use any valid username and password

lcSearchIndex = loginResponse.IndexOf(lcSearchStr);
//I repeated the search here because the first instance returned my Master Page Search Box
lcSearchIndex = loginResponse.IndexOf(lcSearchStr, lcSearchIndex+1);
loginResponse = loginResponse.Substring(lcSearchIndex + lcSearchStr.Length + 1);
String userNameVar = Uri.EscapeDataString(loginResponse.Substring(0, loginResponse.IndexOf("\""))) + "=";
String userNameValue = "[username]"; //redacted for security

lcSearchIndex = loginResponse.IndexOf(lcSearchStr);
loginResponse = loginResponse.Substring(lcSearchIndex + lcSearchStr.Length + 1);
String passwordVar = Uri.EscapeDataString(loginResponse.Substring(0, loginResponse.IndexOf("\""))) + "=";
String passwordValue = "[userpassword]"; //redacted for security

lcSearchStr = "type=\"submit\" name=";
lcSearchIndex = loginResponse.IndexOf(lcSearchStr);
loginResponse = loginResponse.Substring(lcSearchIndex + lcSearchStr.Length + 1);
String loginButtonVar = Uri.EscapeDataString(loginResponse.Substring(0, loginResponse.IndexOf("\""))) + "=";
String loginButtonValue = "Login";

String eventValidationVar = "__EVENTVALIDATION=";
String eventValSearchString =
"name=\"__EVENTVALIDATION\" id=\"__EVENTVALIDATION\" value=\"";
int eventValStartIndex = loginResponse.IndexOf(eventValSearchString);
loginResponse = loginResponse.Substring(eventValStartIndex + eventValSearchString.Length);

String eventValidationValue =
Uri.EscapeDataString(loginResponse.Substring(0, loginResponse.IndexOf("\" />")));

/ *构建表单,值得注意我的“实际”表单输入,为了清晰和洞察力重复此处* / // BEGIN实际的logon.aspx表单

<input type=\"hidden\" name=\"__VIEWSTATE\" id=\"__VIEWSTATE\" value=\"[viewstate data]" />
<input type=\"hidden\" name=\"__VIEWSTATEGENERATOR\" id=\"__VIEWSTATEGENERATOR\" value=\"[viewstategen]\" /> 
<input type=\"hidden\" name=\"__EVENTVALIDATION\" id=\"__EVENTVALIDATION\" value=\"[val]" />
<input name=\"ctl00$txtSearch\" type=\"text\" value=\"Search Site\" id=\"ctl00_txtSearch\" class=\"header-search-txtSearch\" style=\"width:85%;\" />
<input type=\"image\" name=\"ctl00$btnSearch\" id=\"ctl00_btnSearch\" class=\"header-search-lnkSearch\" src=\"images/header-search-MagGlass.png\" border=\"0\" />
<input name=\"ctl00$MainContent$txtUsername\" type=\"text\" id=\"ctl00_MainContent_txtUsername\" style=\"width:60%;\" />                
<input name=\"ctl00$MainContent$txtPassword\" type=\"password\" id=\"ctl00_MainContent_txtPassword\" style=\"width:60%;\" />
<input id=\"ctl00_MainContent_chkPersist\" type=\"checkbox\" name=\"ctl00$MainContent$chkPersist\" />
<input type=\"submit\" name=\"ctl00$MainContent$btnLogin\" value=\"Login\" id=\"ctl00_MainContent_btnLogin\" style=\"float: right;\" />

// END logon.aspx 

String postString = eventTargetVar + eventTargetValue;                  
postString += "&" + eventArgumentVar + eventArgumentValue;
postString += "&" + viewStateVar + viewStateValue;
postString += "&" + "ctl00$txtSearch=Search Site";
postString += "&" + "ctl00$btnSearch=images/header-search-MagGlass.png";
postString += "&" + userNameVar + userNameValue;
postString += "&" + passwordVar + passwordValue;
postString += "&" + "ctl00$MainContent$chkPersist=";
postString += "&" + loginButtonVar + loginButtonValue;
postString += "&" + eventValidationVar + eventValidationValue;

//
// Do a POST to login.aspx now
// This should result in 302 with Set-Cookie header
//
System.Diagnostics.Debug.WriteLine("POST request to http://localhost:18843" + locationHeader);
request = (HttpWebRequest)WebRequest.Create("http://localhost:18843" + locationHeader);
request.AllowAutoRedirect = false;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";

System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
byte[] requestData = encoding.GetBytes(postString);
request.ContentLength = requestData.Length;

Stream requestStream = request.GetRequestStream();
requestStream.Write(requestData, 0, requestData.Length);
requestStream.Close();

//
//ERROR 500 occurs on following line
response = (HttpWebResponse)request.GetResponse();

if (response.StatusCode == HttpStatusCode.Found)
{
    System.Diagnostics.Debug.WriteLine("Response: 302 ");
    System.Diagnostics.Debug.WriteLine(response.StatusCode);
}
else
{
    System.Diagnostics.Debug.WriteLine("Response status is " + response.StatusCode + ". Expected was Found");
}

locationHeader = response.GetResponseHeader("Location");
System.Diagnostics.Debug.WriteLine("Location header is " + locationHeader);
String cookie = response.GetResponseHeader("Set-Cookie");
System.Diagnostics.Debug.WriteLine("Set-Cookie header is " + cookie);
System.Diagnostics.Debug.WriteLine("");

//
// Send request to originalUri with the cookie
// We should be able to see originalUri contents
//
System.Diagnostics.Debug.WriteLine("Requesting http://localhost:18843" + locationHeader + " with cookie");
request = (HttpWebRequest)WebRequest.Create("http://localhost:18843" + locationHeader);
request.AllowAutoRedirect = false;
request.Headers.Add(HttpRequestHeader.Cookie, cookie);

response = (HttpWebResponse)request.GetResponse();
if (response.StatusCode == HttpStatusCode.OK)
{
    System.Diagnostics.Debug.WriteLine("Response: 200 ");
    System.Diagnostics.Debug.WriteLine(response.StatusCode);
}
else
{
    System.Diagnostics.Debug.WriteLine("Response status is " + response.StatusCode + ". Expected was OK");
}
System.Diagnostics.Debug.WriteLine("");

System.Diagnostics.Debug.WriteLine("Contents of " + originalUri);
System.Diagnostics.Debug.WriteLine("");

sr = new StreamReader(response.GetResponseStream());
System.Diagnostics.Debug.WriteLine(sr.ReadToEnd());
sr.Close();

所以你有它。在这个家伙博客的评论中,据说其他人也有500错误,但似乎没有补救措施。我试图加入小提琴手看看是什么,但到目前为止都没有成功。

我真的希望这是我愚蠢的事情,可以很快得到纠正。谢谢大家!

0 个答案:

没有答案
相关问题
最新问题