5

I want to post username and password to a login page of a remote website using asp.net and pass it, to access login-required pages on website. In the other words suppose there is a page on a website that i would to surf it an grab something from it ,but login is required before it . how to call that Login page and post username and password from the asp.net application to pass it.

Thanks in advance

Mostafa Armandi
  • 879
  • 1
  • 11
  • 24

3 Answers3

6

The comment with passing them as the query string only works for GET parameters. This works for POST. As you can see I use the form entries username, password and login (the button) but in your case it might be entirely different values. So use a tool like Fiddler to catch which values a normal login is sending. When I did something similar I had to use a cookie-aware webclient because the service used cookies for session values. The service you are trying to access could use a query-session string - it entirely depends on the service.

Another problem I ran into when doing this, was that I had to fetch a session id from the html page and sent it for logging it. I have not included the code for that here, but I have it if you need it :)

var client = new CookieAwareWebClient();
client.Encoding = Encoding.UTF8;

// Post values

var values = new NameValueCollection();
values.Add("username", someusername);
values.Add("password", somepassword);
values.Add("login", "Login");   //The button

// Logging in
client.UploadValues(loginPageUrl, values); // You may verify the result. It works with https :)

// Download some secret page

var html= client.DownloadString(someurl);

CookieAwareWebClient

public class CookieAwareWebClient : WebClient
{
    private CookieContainer cookieContainer = new CookieContainer();

    protected override WebRequest GetWebRequest(Uri address)
    {
        WebRequest request = base.GetWebRequest(address);
        if (request is HttpWebRequest)
        {
            (request as HttpWebRequest).CookieContainer = cookieContainer;
        }
        return request;
    }
}
Lasse Espeholt
  • 17,622
  • 5
  • 63
  • 99
  • thanks lasseespeholt but what are those first parameters of NameValueColection ? Are there the Name or Id of Controls ? What about the last one (values.Add("login", "Login");); first and second parameter ? – Mostafa Armandi May 03 '11 at 13:48
  • @user711861 You need to find the values you have to sent yourself. I assume your do not have control over the site (otherwise this is a pretty bad way to do it). I recommend Fiddler where you can see the values sent back. `name=login, value=Login` is simply a button I had to sent with it so the call acted like a press on the button. – Lasse Espeholt May 04 '11 at 05:06
  • I understand this is a year old comment, but your code did help me. But then again, how do I put this html string into a div from code behind cuz if I try to just open a link after authenticating, it logs out. But if I use your verifier i.e. client.DownloadString(.." then it shows me logged in. – Ratan Dec 04 '12 at 21:30
  • also, I guess I need to catch JsessionID and pass it for authorization. Can you help me out here. – Ratan Dec 04 '12 at 22:05
  • @Ratan It's very much website dependent, so I suggest you post a question with all the information you know :) – Lasse Espeholt Dec 05 '12 at 08:33
  • @lasseespeholt I did, here is the link: http://stackoverflow.com/questions/13710425/transferring-authentication-from-asp-site-to-jsp/13710482#comment18840021_13710482 – Ratan Dec 05 '12 at 14:21
  • @lasseespeholt and your code seems to work fine as I am able to extract the html from the jsp page. My question is how can I redirect the user to the site instead of just showing the html from that page. I want the clients browser to transfer to the jsp site fully authenticated. – Ratan Dec 05 '12 at 16:51
  • @Ratan It should make the redirect automatically. Otherwise, grap the "location" attribute from `ResponseHeaders` and make it manually. – Lasse Espeholt Dec 05 '12 at 19:03
  • @lasseespeholt I tried, but could'nt get it to work. Can you make changes to your code above and show an example please. You can answer me on the specofic thread I made so that I can mark as answer as well. http://stackoverflow.com/questions/13710425/transferring-authentication-from-asp-site-to-jsp – Ratan Dec 10 '12 at 16:07
3

try reading this -> http://www.terminally-incoherent.com/blog/2008/05/05/send-a-https-post-request-with-c/

if you use firefox - download "tamper-data" and "live http-headers" to see what information is passed to the login site

with live http-headers you can see which data is passed in the POST

VisualBean
  • 4,908
  • 2
  • 28
  • 57
0

Lets suppose you want to redriect to www.ABC.com

construct querystring like

http://abc.com/products.aspx?field1=value1&field2=value2

And get this value on the other page. But it is recomended to use the POST method, hope this help

FIre Panda
  • 6,537
  • 2
  • 25
  • 38