ASP.NET HTTP Authorization Header

Question

I would like to know why my asp.net application will not add the header to my post when it is named 'Authorization' but will work fine when I change one character, say "Authorizations". In documentation for other sites they always use the name "Authorization" so I would like to as well and at this point I just want to under stand why.

I have read a few topics about this but have not found any logical reason why.

Here is my code below:

string fileName = "c:\\xyz.xml"; string uri = "http://myserver/Default.aspx"; req = WebRequest.Create(uri); req.Method = "POST"; req.ContentType = "text/xml"; byte[] authBytes = Encoding.UTF8.GetBytes("DDSServices:jCole2011".ToCharArray()); req.Headers.Add("Authorization", "BASIC " + Convert.ToBase64String(authBytes) ); req.Headers.Add("test", "test"); UTF8Encoding encoder = new UTF8Encoding(); byte[] data = encoder.GetBytes(this.GetTextFromXMLFile(fileName)); req.ContentLength = data.Length; Stream reqStream = req.GetRequestStream(); reqStream.Write(data, 0, data.Length); reqStream.Close(); req.Headers.Add("Authorization", "BASIC" + Convert.ToBase64String(authBytes)); System.Net.WebResponse response = req.GetResponse(); System.IO.StreamReader reader = new StreamReader(response.GetResponseStream()); string str = reader.ReadToEnd(); 

The other annoying this is when i add the watched variable through fiddler it works fine.

Answer 1

I was ran into a question how to add Authentication/Credentials to the headers. I found the solution in the following way.

string _auth = string.Format("{0}:{1}", "myUser","myPwd"); string _enc = Convert.ToBase64String(Encoding.ASCII.GetBytes(_auth)); string _cred = string.Format("{0} {1}", "Basic", _enc); req.Headers[HttpRequestHeader.Authorization] = _cred; 

Which gave me those headers I want (pasted Wireshark descriptions),

Authorization: Basic bXlVc2VyOm15UHdk\r\n
Credentials: myUser:myPwd