[Rets-dev] Connect to RETS with ASP.NET 2.0

Libor Viktorin lviktorin at marketlinx.com
Fri Aug 24 08:54:31 CDT 2007 

Ralph,

 

Yes, the .NET 2.0 does the authentication for you. Once you specify your
credentials, the HttpWebRequest handles the full handshake.

In subsequent steps, make sure you handle cookies correctly. Read about
the HttpWebRequest.CookieContainer.

 

Good luck,

 

Libor

 

________________________________

From: rets-dev-bounces at rets.org [mailto:rets-dev-bounces at rets.org] On
Behalf Of Ralph Paonessa
Sent: Thursday, August 23, 2007 6:04 PM
To: rets-dev at rets.org
Subject: [Rets-dev] Connect to RETS with ASP.NET 2.0

 

I am attempting to create a website to connect to Rapattoni RETS using
ASP.NET 2.0. I was previously able to do this using ASP, where I used
Msxml2.ServerXMLHTTP and the process was:

 

1. Connect to server, receive "401 Unauthorized" along with
WWW-Authenticate header.

2. Extract info from this header (nonce, opaque, etc.) to create an
Authorization header.

3. Connect again with Authorization header added, receive "200 OK" and
RETS-Session-ID.

4. Make subsequent queries by passing the RETS-Session-ID to RETS.

 

(I'm by no means expert at this, so it took a lot of stumbling around to
make this work, but it did.)

 

Under ASP.NET 2.0, the appropriate Class seemed to be HttpWebRequest, so
I've been trying to adapt my ASP code. I've gotten to the point where
RETS sends me the cookie, but I'm not sure I've actually logged in
correctly.

 

My confusion stems partly from the fact that I'd assumed I would have to
recreate the same code for Digest Authentication I wrote for ASP, where
I received a WWW-Authenticate header, extracted nonce and opaque, did
some MD5 hashing, sent it all back, and finally received the
RETS-Session-ID.

 

Instead, I've "discovered" an authentication scheme is ASP.NET 2.0 where
I specify "Digest" authentication along with my RETS Username and
Password, and ASP.NET seems to do the rest. Here's what I get back from
RETS after my first attempt to login:

 

RESPONSE HEADERS:

 

RETS-Version: RETS/1.5

Transfer-Encoding: chunked

Cache-Control: private

Content-Type: text/xml; charset=utf-8

Date: Thu, 23 Aug 2007 20:59:02 GMT

Set-Cookie: RETS-Session-ID=xxxxxxxxxxxxxxxx805bdf225cfea145; path=/

Server: Microsoft-IIS/6.0

X-AspNet-Version: 1.1.4322

X-Powered-By: ASP.NET (06)

 

RESPONSE TEXT:

 

<RETS ReplyCode="0" ReplyText="Operation successful." >

<RETS-RESPONSE>

MemberName=First  Last

User=123456,NULL,NULL,44

Broker=99

MetadataVersion=01.50.11651

MinMetadataVersion=01.50.11651

TimeoutSeconds=1800

GetObject=/ridgecrest/RAAR/getobject.aspx

Login=/ridgecrest/RAAR/login.aspx

Logout=/ridgecrest/RAAR/logout.aspx

Search=/ridgecrest/RAAR/search.aspx

GetMetadata=/ridgecrest/RAAR/getmetadata.aspx

</RETS-RESPONSE>

</RETS>

 

But now I'm totally confused! DID I ACTUALLY LOG IN TO RETS, with
ASP.NET magically handling all that finicky Digest Authentication and
MD5'ing for me?? That would be slick.

 

Does the fact that I've received a RETS-Session-ID mean that I've
actually logged in? I haven't yet succeeded in getting any further with
this RETS-Session-ID (but that may be because of bugs in my subsequent
steps). I'm surprised by the fact that I got this far without ever
seeing the WWW-Authenticate header, but maybe it's "easier" in ASP.NET
2.0 ...

 

Here's some of the code I used (ASP.NET 2.0 Visual Basic)

 

------------------------------------------------------------------------
-------

 

Imports Rets_Constants

Imports Rets_Functions

Imports System.Net

Imports System.IO

 

Dim strUri = "http://" & Rets_Server & ":" & Rets_Port & Rets_LoginURI

Dim myUri As New Uri(strUri)

UriLabel.Text = myUri.ToString()

 

' ---Connect to RETS using HttpWebRequest from System.Net Class

 

Dim myRequest As HttpWebRequest = WebRequest.Create(myUri)

 

' ---Add request headers

 

With myRequest

    .Accept = "*/*"

    .UserAgent = Rets_UserAgent

    .Headers.Add("RETS-Version", Rets_Version)

    .ProtocolVersion = HttpVersion.Version11

End With

 

' Use ASP.NET Network Credentials to specify "Digest" authentication and
send Username and Password (not sure how this works!)

 

myCache.Add(New Uri(strUri), "Digest", New
NetworkCredential(Rets_Username, Rets_Password))

myRequest.Credentials = myCache

 

Dim myResponse As HttpWebResponse = myRequest.GetResponse()

 

' ---The RESPONSE TEXT shown above comes from results...

 

Dim sr As New StreamReader(myResponse.GetResponseStream())

Dim results As String = sr.ReadToEnd()

    

' ---The RESPONSE HEADERS shown above come from ResponseHeaderLabel.Text
...

 

Dim i As Integer = 0

    ResponseHeaderLabel.Text = ""

    While i < myResponse.Headers.Count

        ResponseHeaderLabel.Text &= myResponse.Headers.Keys(i) & ": " &
myResponse.Headers(i) & "<br />"

        i = i + 1

    End While

 

' ---Save the RETS-Session-ID as a session variable...

 

Session("RetsSessionID") =
StringExtract(myResponse.GetResponseHeader("Set-Cookie"),
"RETS-Session-ID=", 32)

 

------------------------------------------------------------------------
-------

 

I will be extremely grateful to anyone with insights into this!

 

Ralph Paonessa

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.rets.org/pipermail/rets-dev/attachments/20070824/d8b2365c/attachment.html

More information about the Rets-dev mailing list