[Rets-dev] Connect to RETS with ASP.NET 2.0

Colby Ackerfield c2 at realgo.com
Thu Aug 23 17:52:18 CDT 2007 

Ralph,

That is a successful login response. Believe it or not, Internet Explore 
can successfully log into many RETS servers if they don't have user 
agent or client authentication requirements.

Colby

Ralph Paonessa wrote:
>
> I am attempting to create a website to connect to Rapattoni RETS using 
> ASP.NET 2.0. I was previously able to do this using ASP, where I used 
> Msxml2.ServerXMLHTTP and the process was:
>
>  
>
> 1. Connect to server, receive “401 Unauthorized” along with 
> WWW-Authenticate header.
>
> 2. Extract info from this header (nonce, opaque, etc.) to create an 
> Authorization header.
>
> 3. Connect again with Authorization header added, receive “200 OK” and 
> RETS-Session-ID.
>
> 4. Make subsequent queries by passing the RETS-Session-ID to RETS.
>
>  
>
> (I’m by no means expert at this, so it took a lot of stumbling around 
> to make this work, but it did.)
>
>  
>
> Under ASP.NET 2.0, the appropriate Class seemed to be HttpWebRequest, 
> so I’ve been trying to adapt my ASP code. I’ve gotten to the point 
> where RETS sends me the cookie, but I’m not sure I’ve actually logged 
> in correctly.
>
>  
>
> My confusion stems partly from the fact that I’d assumed I would have 
> to recreate the same code for Digest Authentication I wrote for ASP, 
> where I received a WWW-Authenticate header, extracted nonce and 
> opaque, did some MD5 hashing, sent it all back, and finally received 
> the RETS-Session-ID.
>
>  
>
> Instead, I’ve “discovered” an authentication scheme is ASP.NET 2.0 
> where I specify “Digest” authentication along with my RETS Username 
> and Password, and ASP.NET seems to do the rest. Here’s what I get back 
> from RETS after my first attempt to login:
>
>  
>
> RESPONSE HEADERS:
>
>  
>
> RETS-Version: RETS/1.5
>
> Transfer-Encoding: chunked
>
> Cache-Control: private
>
> Content-Type: text/xml; charset=utf-8
>
> Date: Thu, 23 Aug 2007 20:59:02 GMT
>
> Set-Cookie: RETS-Session-ID=xxxxxxxxxxxxxxxx805bdf225cfea145; path=/
>
> Server: Microsoft-IIS/6.0
>
> X-AspNet-Version: 1.1.4322
>
> X-Powered-By: ASP.NET (06)
>
>  
>
> RESPONSE TEXT:
>
>  
>
> <RETS ReplyCode="0" ReplyText="Operation successful." >
>
> <RETS-RESPONSE>
>
> MemberName=First  Last
>
> User=123456,NULL,NULL,44
>
> Broker=99
>
> MetadataVersion=01.50.11651
>
> MinMetadataVersion=01.50.11651
>
> TimeoutSeconds=1800
>
> GetObject=/ridgecrest/RAAR/getobject.aspx
>
> Login=/ridgecrest/RAAR/login.aspx
>
> Logout=/ridgecrest/RAAR/logout.aspx
>
> Search=/ridgecrest/RAAR/search.aspx
>
> GetMetadata=/ridgecrest/RAAR/getmetadata.aspx
>
> </RETS-RESPONSE>
>
> </RETS>
>
>  
>
> But now I’m totally confused! DID I ACTUALLY LOG IN TO RETS, with 
> ASP.NET magically handling all that finicky Digest Authentication and 
> MD5’ing for me?? That would be slick.
>
>  
>
> Does the fact that I’ve received a RETS-Session-ID mean that I’ve 
> actually logged in? I haven’t yet succeeded in getting any further 
> with this RETS-Session-ID (but that may be because of bugs in my 
> subsequent steps). I’m surprised by the fact that I got this far 
> without ever seeing the WWW-Authenticate header, but maybe it’s 
> “easier” in ASP.NET 2.0 …
>
>  
>
> Here’s some of the code I used (ASP.NET 2.0 Visual Basic)
>
>  
>
> -------------------------------------------------------------------------------
>
>  
>
> Imports Rets_Constants
>
> Imports Rets_Functions
>
> Imports System.Net
>
> Imports System.IO
>
>  
>
> Dim strUri = "http://" & Rets_Server & ":" & Rets_Port & Rets_LoginURI
>
> Dim myUri As New Uri(strUri)
>
> UriLabel.Text = myUri.ToString()
>
>  
>
> ' ---Connect to RETS using HttpWebRequest from System.Net Class
>
>  
>
> Dim myRequest As HttpWebRequest = WebRequest.Create(myUri)
>
>  
>
> ' ---Add request headers
>
>  
>
> With myRequest
>
>     .Accept = "*/*"
>
>     .UserAgent = Rets_UserAgent
>
>     .Headers.Add("RETS-Version", Rets_Version)
>
>     .ProtocolVersion = HttpVersion.Version11
>
> End With
>
>  
>
> ' Use ASP.NET Network Credentials to specify “Digest” authentication 
> and send Username and Password (not sure how this works!)
>
>  
>
> myCache.Add(New Uri(strUri), "Digest", New 
> NetworkCredential(Rets_Username, Rets_Password))
>
> myRequest.Credentials = myCache
>
>  
>
> Dim myResponse As HttpWebResponse = myRequest.GetResponse()
>
>  
>
> ' ---The RESPONSE TEXT shown above comes from results…
>
>  
>
> Dim sr As New StreamReader(myResponse.GetResponseStream())
>
> Dim results As String = sr.ReadToEnd()
>
>    
>
> ' ---The RESPONSE HEADERS shown above come from ResponseHeaderLabel.Text …
>
>  
>
> Dim i As Integer = 0
>
>     ResponseHeaderLabel.Text = ""
>
>     While i < myResponse.Headers.Count
>
>         ResponseHeaderLabel.Text &= myResponse.Headers.Keys(i) & ": " 
> & myResponse.Headers(i) & "<br />"
>
>         i = i + 1
>
>     End While
>
>  
>
> ' ---Save the RETS-Session-ID as a session variable…
>
>  
>
> Session("RetsSessionID") = 
> StringExtract(myResponse.GetResponseHeader("Set-Cookie"), 
> "RETS-Session-ID=", 32)
>
>  
>
> -------------------------------------------------------------------------------
>
>  
>
> I will be extremely grateful to anyone with insights into this!
>
>  
>
> Ralph Paonessa
>
>  
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Rets-dev mailing list
> Rets-dev at rets.org
> http://lists.rets.org/mailman/listinfo/rets-dev
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.rets.org/pipermail/rets-dev/attachments/20070823/9d5965e7/attachment.html

More information about the Rets-dev mailing list