I have a web service hosted on remote AIX server, the service has HTTPS access and with basic authentication turned on.
I used ASMX Web References to generate the proxy classes from my .Net 4.0 project. So I have following codes to call to the web service
var service = new ServiceProxy();
service.Credentials = new NetworkCredential("service-uid", "service-pwd");
var response = service.add(request);
That is very simple code. Now I ran Fiddler to inspect the traffic between my local Windows machine and remote Unix server, but I noticed following 4 lines from Fiddler:
- 200, HTTP, Tunnel To, unix-server-host
- 401, HTTPS, unix-server-host, /srvcs/method
- 200, HTTP, Tunnel To, unix-server-host
- 200, HTTPS, unix-server-host, /srvcs/method
I also opened my log file on AIX server, and confirmed 2 requests coming in within very close time
- source IP - unauthenticated 22/Aug/2013:14:05:51 -0500 "POST /srvcs/method HTTP/1.0" 401 1244
- source IP - service-uid 22/Aug/2013:14:05:52 -0500 "POST /srvcs/method HTTP/1.0" 200 3473
My service client issues 2 calls to Unix server, the first one is unauthenticated, the second one is successful - I got proper response.
Anybody understands why .Net client will generate first call without passing credential at all?