Problem When Calling Web Method Of Web Service From Pocket PC 2003.

[Stephany Young]

When the Web site and Web Service application are set to allow Anonymous
access, the following code works perfectly when used in both a Desktop
application and a Pocket PC 2003 application.

Imports System.Net
Imports <web reference>

Private Sub CallHelloWorld()

Label1.Text = String.Empty

Label1.Update()

Dim _ws As <web service> = New <web service>

Label1.Text = _ws.HelloWorld()

End Sub


When the Web site and Web Service application are set to allow only Windows
Authentication, the following code works perfectly when used in a Desktop
application but fails with a 401 (Unathorized) error when used in a Pocket
PC 2003 application.
The same behaviour occurs if the Web site is set to allow Anonymous access
and the Web Service application is set to allow only Windows Authentication.

Imports System.Net
Imports <web reference>

Private Sub CallHelloWorld()

Label1.Text = String.Empty

Label1.Update()

Dim _ws As <web service> = New <web service>

Dim _nwc As NetworkCredential = New NetworkCredential("<user
name>@<domain name>", "<password>")

_ws.Credentials = _cred

_ws.PreAuthenticate = True

Label1.Text = _ws.HelloWorld()

End Sub


When the Web site and Web Service application are set to allow only Basic
Authentication, the following code works perfectly when used in a Desktop
application but fails with a 401 (Unathorized) error when used in a Pocket
PC 2003 application.
The same behaviour occurs if the Web site is set to allow Anonymous access
and the Web Service application is set to allow only Basic Authentication.

Imports System.Net
Imports <web reference>

Private Sub CallHelloWorld()

Label1.Text = String.Empty

Label1.Update()

Dim _ws As <web service> = New <web service>

Dim _nwc As NetworkCredential = New NetworkCredential("<user name>",
"<password>")

_ws.Credentials = _cred

_ws.PreAuthenticate = True

Label1.Text = _ws.HelloWorld()

End Sub

In the latter two examples, the behaviour is the same if the
'_ws.PreAuthenticate = True' line is removed.

In all examples, the behaviour is the same regardless of whether the Web
Service is accessed from the Internet or the LAN.
No proxy servers are involved.

To confuse the whole issue, accessing the Web service and Web method work
perfectly from PocketIE on the Pocket PC both from the LAN and from the
Internet.

I suspect that the use of the NetworkCredential class might be deprecated in
the CompactFramework or that there might be, (god forbid), a 'bug' in the
CompactFramework with the effect being that the details from the
NetWorkCredential object are not passed correctly in the call to the Web
method.

The Web Server is IIS 6.0 running on Windows Server 2003.
The Pocket PC has SP2 of the Compact Framework applied.

Can anyone definitely confirm that this is the case, and, if so, has anyone
come up with a reliable workaround?

 

[Alex Feinman [MVP]]

The CF application will be able to support basic authentication only. As for
your scenario, do you use a domain or a local account?
In both cases try constructing your NetworkCredential using this form:
New NetworkCredential(<user>, <password>, <domain>)

In case of a local computer account, use the computer name in place of
<domain>

 

[Stephany Young]

Thank you Alex for taking the time to read my epistle and respond.

Where I had erred earlier was in not supplying the domain to the credential
when attempting to use Basic Authentication.

Both forms:
New NetworkCredential(<user>, <password>, <domain>)
and
New NetworkCredential(<user>@<domain>, <password>)
work quite happily with Basic.

Do you know if this behaviour, (not being able to use Integrated), in the CF
is by design or a 'bug'?

I assume that is is a CF thing rather that a CE thing because PocketIE can
do it OK, obviously using some other mechanism.

Although the risk of interception is probably relatively low, I have to deal
with people who, not unreasonably, will probably baulk at using Basic
because the password is sent in clear text.

If this behaviour, (not being able to use Integrated), in the CF is by
design then I will probably look at using Anonymous and passing a
'roll-your-own' encrypted value as an input parameter to each web method and
have the method determine if the caller is allowed or not.

 

[Alex Feinman [MVP]]

AFAIK it is CF limitation - it does not support NTLM authentication. The
official workaround for your concern regarding opent text password
transmission is to use SSL

 

[Stephany Young]

Thank you again Alex.

I tried another search at MS using a keyword combination I hadn't tried
before and located a document that definitely states, as you say, that NTLM
Authentication is not supported in the CF. However another document states
that Digest Authentication is supported.

Now that I have changed the Web site and Web Service to use Digest
Authentication, both the desktop and Pocket PC 2003 apps work quite happily
both across the LAN and over the internet.

 

[Alex Feinman [MVP]]

That's good to know. I've heard about it but never tried it myself