Authenticating to Google Search Appliance using Basic HTTP auth and ASP.NET (VB)
- by Chainlink
I've run into a snag though which has to do with authentication between the Google Search Appliance and ASP. Normally, when asking for secure pages from the search appliance, the search appliance asks for credentials, then uses these credentials to try and access the secure results. If this attempt is successful, the page shows up in the results list. Since ASP is contacting the search appliance on the client's behalf, it will need to collect credentials and pass them along to the search appliance. I have tried a couple of different documented ways of accomplishing this, but they don't seem to work. Below is the code I have tried:
'Bypass SSL since discovery.gov.mb.ca does not have valid SSL cert (NOT PRODUCTION SAFE)
ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf customXertificateValidation)
googleUrl = "https://removed.com"
Dim rdr As New XmlTextReader(googleUrl)
Dim resolver As New XmlUrlResolver()
Dim myCred As New System.Net.NetworkCredential("USERNAME", "PASSWORD", Nothing)
Dim credCache As New CredentialCache()
credCache.Add(New Uri(googleUrl), "Basic", myCred)
resolver.Credentials = credCache
rdr.XmlResolver = resolver
doc = New System.Xml.XPath.XPathDocument(rdr)
path = doc.CreateNavigator()
Private Function customXertificateValidation(ByVal sender As Object, ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As Net.Security.SslPolicyErrors) As Boolean
Return True
End Function