400 Error from WebService using .NET 2.0 and PreAuthenticate

Prashant from my team found this interesting issue.  I will blog it here until the KB comes out on this.

WebService server responds back with a HTTP 400 error when using PreAuthenticate on the WebServiceProxy class.  This results in a System.Net.WebException: “The request failed with HTTP status 400: Bad Request”

Consuming a WebService that uses Basic Authentication from a .Net 2.0 client through a Proxy using NTLM authentication the WebService server responds back with a HTTP 400 error message.  This happens only when using the PreAuthenticate property of the proxied WebService class.

When the client uses the PreAuthenticate property, the client tries to re-negotiate the NTLM handshake with the Proxy. When the Proxy sees that the connection has already been authenticated, it simply ignores the re-negotiation and forwards a blank request - with Content-Length: 0 to the server. The server expects a valid Content-Length followed by a soap-envelope which it never receives and hence responds back with a HTTP 400: Bad Request response.

Do not set the HttpWebRequest.PreAuthenticate property (set it to false) when calling the Webservice with the above configuration.  By default, the PreAuthenticate is turned off and set to false.


Comments (3)

  1. bivarsoy says:

    Hi. When you write Proxy do you mean an ISA Server?

    We experience this problem in a similar context:

    We have a Win XP .NET 2.0 GUI appliction using web service proxies communicating with integrated windows security towards Web services (proxy services) running on a W2K3  which again flows through an ISA Server towards actual back-end Web services (here we use anonymous access). This fails with or without setting PreAuthenticate to false or true with HTTP 400 – "server cannon clear headers" message.  The client has the basic .NET 2.0 run time redistributable while the servers have .NET 2.0 with service pack 1.

    Any suggestions?

    Tx. Bjorn

  2. Jeff Sanders says:

    I would suggest you contact Microsoft Support.  http://support.microsoft.com

Skip to main content