The information in this article applies to:
SUMMARYYou can use HttpSendRequestEx to send requests to a password-protected URL. This article outlines the different techniques you can use. MORE INFORMATIONThis is the usual sequence of APIs used with HttpSendRequest:
Method 1If the user name and password are known before sending the request (that is, they don't have to be dynamically entered by the user), then user name and password can be supplied directly to the InternetConnect API. However, unlike HttpSendRequest, HttpSendRequestEx will not resubmit a request on its own after receiving the "401 Access Denied" status code from the server. Therefore, HttpEndRequest will fail with an ERROR_INTERNET_FORCE_RETRY error. This error message from HttpEndRequest indicates that the application must go back to HttpSendRequestEx and send all the buffers with InternetWriteFile again.Method 2If it is not possible to supply credentials in the InternetConnect API, then you must use the following steps:
Both of the methods above have a serious drawback: Because HttpSendRequestEx is used to send large amounts of data, resubmitting the entire data upon receiving the ERROR_INTERNET_FORCE_RETRY error or the 401 status code may waste network bandwidth and time. Method 3 is the preferred method of handling user authentication with HttpSendRequestEx: Method 3This method involves sending an auxiliary request for the URL via HttpSendRequest. Note that HttpSendRequestEx should be called on the same handle as HttpSendRequest. This will ensure that the request sent by HttpSendRequestEx will be sent over the connection authenticated by the first call to HttpSendRequest. Reusing the connection (using "Keep-Alive" connection) is necessary for NTLM (NT LAN manager authentication) support. To preserve bandwidth and time, neither request nor reply should have large amounts of data. The best way to accomplish this is to send the same type of request with HttpSendRequest as HttpSendRequestEx, but with the 0 content length.The following steps show how to use an auxiliary request. It assumes that large amounts of data need to be POSTed to /Scripts/Poster.exe URL:
Performing all the authentication in HEAD request causes WinInet to create
an appropriate authorization header that is sent with a large request
submitted by HttpSendRequestEx.
REFERENCES
Internet Client SDK 4.0
Q184352 How to Upload Files to the Internet Information Server Q177188 Using HttpSendRequestEx for Large POST Requests © Microsoft Corporation 1998, All Rights Reserved. Additional query words:
Keywords : kbWinInet |
Last Reviewed: January 28, 2000 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |