400 Error from WebService using .NET 2.0 and PreAuthenticate
Prashant from my team found this interesting issue. I will blog it here until the KB comes out on this.
Problem
======
WebService server responds back with a HTTP 400 error when using PreAuthenticate on the WebServiceProxy class. This results in a System.Net.WebException: “The request failed with HTTP status 400: Bad Request”
Symptoms
=============================
Consuming a WebService that uses Basic Authentication from a .Net 2.0 client through a Proxy using NTLM authentication the WebService server responds back with a HTTP 400 error message. This happens only when using the PreAuthenticate property of the proxied WebService class.
Cause
=============================
When the client uses the PreAuthenticate property, the client tries to re-negotiate the NTLM handshake with the Proxy. When the Proxy sees that the connection has already been authenticated, it simply ignores the re-negotiation and forwards a blank request - with Content-Length: 0 to the server. The server expects a valid Content-Length followed by a soap-envelope which it never receives and hence responds back with a HTTP 400: Bad Request response.
Resolution
=============================
Do not set the HttpWebRequest.PreAuthenticate property (set it to false) when calling the Webservice with the above configuration. By default, the PreAuthenticate is turned off and set to false.