Hi All,
I think I maybe falling victim to the "double hop"!
We have a windows form program that uses a 3rd party web service to validate bank details (BIC, IBAN etc.)
It uses a class we developed that creates a uri and passes it through the firewall upto the service provider.
We were asked to provide similar functionality on our Intranet so we created a webforms page that points to the same original class. The problem is when the Windows form runs the class, it motors along and returns an answer in seconds, when the ASP.NET page calls the class however, it times out with an error saying it can not connect to the remote server.
I suspected an authentication issue so I wrote new class that inherits from the original class but Impersonates the current user for the web. However, this is still displaying the same behaviour.
Here is my "Web Class" code (with security redactions of course!)
Private Function SendRequest(uri As String, objResponse As String, ByRef theresult As Object) As Boolean
Dim iUsername As String = "USERXXXX"
Dim iPassword As String = "XXXXXXXXXXXXXX"
Dim wrGETURL As WebRequest = Nothing
Dim cc As System.Net.CredentialCache = Nothing
Dim theProxy As IWebProxy = Nothing
Dim wi As WindowsIdentity = Nothing
Dim CTx As WindowsImpersonationContext = Nothing
Try
'Get current User
wi = System.Web.HttpContext.Current.User.Identity
'Impersonate the current user...
CTx = wi.Impersonate
' Connection is established
wrGETURL = WebRequest.Create(uri)
theProxy = wrGETURL.Proxy
If Not IsNothing(theProxy) Then
theProxy.Credentials = CredentialCache.DefaultCredentials
End If
wrGETURL.PreAuthenticate = True
cc = New System.Net.CredentialCache
cc.Add(New Uri(uri), "Basic", New System.Net.NetworkCredential(iUsername, iPassword))
wrGETURL.Credentials = cc
' Objects reading response content are created
Dim objStream As Stream
objStream = wrGETURL.GetResponse.GetResponseStream()
Dim objReader As StreamReader
objReader = New StreamReader(objStream)
' Response content is stored into a variable
objResponse = objReader.ReadToEnd()
Select Case (TheAction)
Case (0)
Dim prev As Get_Details_of_a_BIC_result = JsonConvert.DeserializeObject(Of Get_Details_of_a_BIC_result)(objResponse)
theresult = objResponse.ToUpper.Replace("{", "").Replace("}", "").Replace("[", "").Replace("]", "").Replace(""",", vbCrLf)
Case (1)
Dim prev As Check_the_Validity_of_a_BIC = JsonConvert.DeserializeObject(Of Check_the_Validity_of_a_BIC)(objResponse)
If prev.validity = "IBIC" Then
theresult = "FALSE.1"
Else
theresult = "TRUE"
End If
Case (2)
Dim prev As Check_the_Validity_of_a_BIC_With_Date = JsonConvert.DeserializeObject(Of Check_the_Validity_of_a_BIC_With_Date)(objResponse.Replace("{""status"":", "").Replace("},""bic""", ",""bic"""))
If prev.validity = "IBIC" Or prev.user_message = "Invalid date parameter" Then
theresult = "FALSE.2"
Else
theresult = "TRUE"
End If
Case (3)
Dim prev As Get_the_LEI_for_a_BIC = JsonConvert.DeserializeObject(Of Get_the_LEI_for_a_BIC)(objResponse.Replace("{""status"":", "").Replace("},""bic""", ",""bic""").Replace("}}", "}"))
If prev.user_message.Contains("No corresponding LEI found") Then
theresult = prev.user_message
Else
theresult = prev.lei
End If
Case (4)
Dim prev As Get_the_National_IDs_for_a_BIC = JsonConvert.DeserializeObject(Of Get_the_National_IDs_for_a_BIC)(objResponse)
If prev.USER_MESSAGE.Contains("NO CORRESPONDING NATIONAL ID FOUND") Then
theresult = prev.USER_MESSAGE
Else
theresult = prev.id
End If
Case (8)
Dim prev As Check_the_Validity_of_a_iban = JsonConvert.DeserializeObject(Of Check_the_Validity_of_a_iban)(objResponse.Replace("{""status"":", "").Replace("},""iban""", ",""Iban"""))
If Not prev.validity = "IVAL" Then
theresult = "FALSE.3"
Else
theresult = "TRUE"
End If
Case (9)
Dim prev As Get_BIC_From_IBAN = JsonConvert.DeserializeObject(Of Get_BIC_From_IBAN)(objResponse)
If prev.BIC.Contains("NO CORRESPONDING NATIONAL ID FOUND") Then
theresult = prev.BIC
Else
theresult = prev.BIC
End If
Case Else
theresult = objResponse.ToUpper.Replace("{", "").Replace("}", "").Replace("[", "").Replace("]", "").Replace(""",", vbCrLf)
End Select
' Objects reading response content are destroyed
objReader.Close()
objStream.Close()
Return True
Catch ex As Exception
'Errors.displayError(ex.ToString, Errors.displayErrorType._Error)
If ex.ToString.Contains("(400)") Then
theresult = "FALSE"
Else
theresult = "'https://www.swiftrefdata.com/ws/'" & vbCrLf & vbCrLf & vbCrLf & ex.ToString
End If
Return False
Finally
'Stop impersonating the current user
If CTx IsNot Nothing Then
CTx.Undo()
End If
End Try
End Function