Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Chriztian Steinmeier 2800 posts 8790 karma points MVP 8x admin c-trib
    Sep 16, 2016 @ 20:04
    Chriztian Steinmeier
    0

    How to use GetXmlDocumentByUrl() with authentication

    Hi all - I have a small problem using the GetXmlDocumentByUrl() extension in umbraco.library.

    I've used Public Access to lock down the site, but one of the macros that render the meat of the page is using GetXmlDocumentByUrl(), fetching a document inside the site — but as it turns out, this request is not authenticated (so instead of an XML document, the HTML document with the Login screen is returned).

    Is there a way around this, or do I need to write my own extension that specifically handles this?

    /Chriztian

    Copy Link
  • Sebastiaan Janssen 5060 posts 15522 karma points MVP admin hq
    Sep 19, 2016 @ 06:18
    Sebastiaan Janssen
    0

    Unfortunately the GetXmlDocumentByUrl() method is very naive, so it doesn't know anything about how to authenticate. I think copying the method and adding the currently existing cookies like this might work: http://stackoverflow.com/questions/5443667/httpwebrequest-pass-credentials-to-next-httpwebrequest

    Copy Link
  • Chriztian Steinmeier 2800 posts 8790 karma points MVP 8x admin c-trib
    Sep 19, 2016 @ 07:29
    Chriztian Steinmeier
    0

    Thanks Sebastiaan,

    Sounds like it could do the trick -- I'll give it a go!

    /Chriztian

    Copy Link
  • Chriztian Steinmeier 2800 posts 8790 karma points MVP 8x admin c-trib
    Sep 26, 2016 @ 15:35
    Chriztian Steinmeier
    0

    Sad Panda :(

    Can't get it to work...

    I'm doing this (thanks to @k_h_schneider):

    public static XPathNodeIterator GetXmlDocumentByUrl(string Url)
{
    XmlDocument xmlDoc = new XmlDocument();
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(Url);
    request.CookieContainer = new CookieContainer();
    try {
        foreach (HttpCookie cookie in HttpContext.Current.Response.Cookies) {
            request.CookieContainer.Add(new Cookie(cookie.Name, cookie.Value, cookie.Path, cookie.Domain));
        }

        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        Stream responseStream = response.GetResponseStream();
        XmlTextReader reader = new XmlTextReader(responseStream);

        xmlDoc.Load(reader);

        response.Close();
        responseStream.Close();

    } catch (Exception err) {
        xmlDoc.LoadXml(string.Format("<error url=\"{0}\">{1}</error>", HttpContext.Current.Server.HtmlEncode(Url), err));
    }

    XPathNavigator xp = xmlDoc.CreateNavigator();
    return xp.Select("/");
}

    The request still gets sent to the login page.

    Anyone else got an idea? (My Plan B is to have the request go "outside" of the protected section of the site and then link them using a token of some sorts...

    /Chriztian

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft