WinHttpQueryAuthSchemes return 4317 (ERROR_INVALID_OPERATION)
Michelle
I call WinHttpQueryAuthSchemes in my program, and it used
to be working fine. But today after I made some changes
to my program that really have nothing to do with the
winhttp part, suddenly WinHttpQueryAuthSchemes doesn't
work anymore and always return error code 4317. I checked
the parameters and they look the same as before when the
function worked.
I don't know what this error code really means, and why
this might happen with WinHttpQueryAuthSchemes. Could
someone tell me what might cause this to happen? I'm
totally lost. Thanks a lot!
Michelle
Stephen Sulzer [Microsoft]
Error 4317 is a standard Win32 error code, ERROR_INVALID_OPERATION.
WinHttpQueryAuthSchemes will typically return this error code if an
authentication challenge has not been received, or (less likely) if WinHTTP
does not recognize any of the authentication schemes listed in the
authentication challenge. Unfortunately, this behavior of this function is
not documented.
Here are some possible causes to explain why you are seeing this error code
now, even though no change has been made to the call to
WinHttpQueryAuthSchemes:
1. The server or URL in the request has changed to something that does not
require authentication, and the application calls WinHttpQueryAuthSchemes
even though no 401 or 407 response has been received.
2. The request has been sent asynchronously and the application is calling
WinHttpQueryAuthSchemes before WinHttpReceiveResponse has completed (by
sending a WINHTTP_CALLBACK_STATUS_HEADERS_AVAILABLE callback notification).
Did you change the code to send the request asynchronously?
Hope that helps.
Regards,
Stephen Sulzer
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
"Michelle" <xia...@cs.stanford.edu> wrote in message
news:02b201c29be6$fd91f660$d7f82ecf@TK2MSFTNGXA14...
Michelle
I did not send the request asynchronously. It is called
after WinHttpReceiveResponse and also
WinHttpQueryHeaders. I don't even know how to do
asynchronous request. =P
Since I call WinHttpQueryHeaders first, I check the
status code first and only calls WinHttpQueryAuthSchemes
if the status code is 401.
Actually, after I've posted the question, I ran the
program many more times and discovered that its behavior
is very unstable. Sometimes everything goes fine and
WinHttpQueryAuthSchemes works. Sometimes it returns 4317.
Sometimes other WinHttp functions return error, like
WinHttpSendRequest returned 12030 or 12007. What's worst
is that it was only during a few hours of yesterday that
I can see the unstable behavior. Now the program is
running fine each time, as if nothing weird every
happened, which makes it very hard for me to tell what
was causing the problem.
So do you think the unstable behavior is due to some bug
in my program or due to some connection problem of the
server I was using yesterday? If it is bug, do you have
any idea what nature the bug could be? I'm really
confused.
Thanks again!
Michelle
>.
>
Stephen Sulzer [Microsoft]
Hello Michelle,
It's too hard to say with the given information what would be the cause of
the instability you observed.
Error 12007 is "The server name or address could not be resolved." It means
that Windows was not able to translate the server name in the URL into an IP
address. This would occur if your client machine could not reach a DNS
server.
Error 12030 is "The connection with the server was terminated abnormally."
This error means that the connection to the server was unexpectedly
terminated.
If the server sent back a 401 status code, but the HTTP response was
malformed in some way--in particular, the WWW-Authenticate header was
malformed or missing--that would cause WinHttpQueryAuthSchemes to return a
4317 (ERROR_INVALID_OPERATION) error.
If the instability or the 4317 error occurs again, then you should capture
the network traffic using the WinHTTP Trace Facility or the NETMON tool, and
examine what is happening on the network. The WinHTTP 5.0 SDK includes a
winhttptracecfg.exe utility to enable/disable tracing. The feature is
documented on-line at:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winhttp/http/trace.asp
Regards,
Stephen Sulzer
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
"Michelle" <xia...@cs.stanford.edu> wrote in message
news:07c101c29c73$9cb2f0a0$d7f82ecf@TK2MSFTNGXA14...
Michelle
threads creation order, not sure if that was the cause on
the instability though. Still waiting for it to happen
again.
Thanks a lot for your help!
=)
>.
>
Michelle
I haven't been seeing the instability happening again.
However, I found a similar weird problem that has already
existed in my program:
I do PUT to a URL in my program. If the URL needs
authentication, I set credential using clear text. (I
only do clear text at this moment). Now, if I specify the
URL to be localhost and in IIS -> default web site ->
properties -> Directory Security -> Authentication
Method, I check "Basic Authentication" and "Integrated
Windows Authentication", then I keep getting
WinHttpSendRequest error 12032 (The debug output would
print out "HTTP/domain"s before each line of its regular
outputs for some reason). If I only check "Basic
Authentication", or if I check "Anonymous Access", then I
don't get error. On the other hand, if the URL points to
a different machine, then I don't get the 12032 error
ever. My machine is XP, the other machine is 2000.
Is this normal? Do you see why this might happen if it is
not normal?
Thanks a lot!
Michelle
Michelle
WinHttpReceiveResponse, not WinHttpSendRequest.
>.
>
Michelle
I call WinHttpReceiveResponse several times
consecutively, then some of them does not return error.
Hm...
>.
>
Stephen Sulzer [Microsoft]
correct way to handle the 12032 error.
12032 is an informational status code: ERROR_WINHTTP_RESEND_REQUEST. The
request has not failed. Instead, this "error" means that WinHTTP wants you
to resend the request--i.e., go back to the code that called
WinHttpSendRequest and re-execute the
WinHttpSendRequest->WinHttpWriteData->WinHttpReceiveResponse codepath, using
the same request handle. WinHTTP has handled an authentication challenge for
you, but because it does not buffer the PUT data (and the target server has
discarded it), your application needs to resend the request. This will
happen for requests that authenticate using the NTLM protocol (which is part
of Integrated Windows Authentication). Unfortunately the documentation does
not mention this scenario yet.
I'll try to follow up with additional information later this week.
Regards,
Stephen Sulzer
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
"Michelle" <xia...@cs.stanford.edu> wrote in message
news:095301c29fdb$4129ae20$8af82ecf@TK2MSFTNGXA03...
Michelle
Thanks again for all your help! I tried using the trace
facility, and I do see more details. But I still have no
clue why the error happened. It's probably because I'm
new to HTTP protocol. Do you think you can look at the
trace log file for me?
In this trace, I have checked only "Basic Authentication"
in IIS for the URL I used. I'm using WinHttp to first GET
a xml file. The xml file contains three <ContentFile>
that I need to process. After each one is processed, I
post back the xml file using PUT. There is also an
additional post back at the very end, also using PUT. So
in total there are four PUT operations.
In the trace file, I see that GET is fine, the first two
PUTs are also fine. However, the third PUT seems to have
received a response that says "Bad Request", and the
fourth PUT simply got WinHttpSendRequest 12030 error. I
have looked at the parameters over and over, and I don't
see anything wrong with them. For the four PUTs, I
initialize the hSession, hConncet, and hRequest once
before the first PUT, and close them after the fourth PUT.
Here is my post back function: (buffer contains the xml
file)
BOOL PostPTI(HINTERNET *hRequest, LPTSTR username, LPTSTR
password, char *buffer) {
DWORD supported, preferred, target;
DWORD statusCode, codeLength = sizeof(DWORD),
lastStatus = 0;
DWORD dataWritten;
if (!*hRequest) return FALSE;
while (TRUE) {
// Send request
if (!WinHttpSendRequest(*hRequest,
WINHTTP_NO_ADDITIONAL_HEADERS, 0,
WINHTTP_NO_REQUEST_DATA, 0, strlen(buffer), 0)) {
_tprintf(TEXT("WinHttpSendRequest
failed - %d.\n"), GetLastError());
break;
}
if (!WinHttpWriteData(*hRequest, buffer,
strlen(buffer), &dataWritten)) {
_tprintf(TEXT("WinHttpWriteData
failed - %d.\n"), GetLastError());
break;
}
if (!WinHttpReceiveResponse(*hRequest,
NULL)) {
_tprintf(TEXT
("WinHttpReceiveResponse failed - %d.\n"), GetLastError
());
break;
}
// Query Header
if (!WinHttpQueryHeaders(*hRequest,
WINHTTP_QUERY_STATUS_CODE | WINHTTP_QUERY_FLAG_NUMBER,
NULL, &statusCode, &codeLength, NULL)) {
_tprintf(TEXT("Query headers
failed - %d.\n"), GetLastError());
break;
}
_tprintf(TEXT("PostPTI response received -
%d.\n"), statusCode);
if (statusCode == 200) {
_tprintf(TEXT("PTI posted back
successfully.\n"));
return TRUE;
}
if (statusCode != 401 || statusCode ==
lastStatus) break;
// Query Auth Method
if (!WinHttpQueryAuthSchemes(*hRequest,
&supported, &preferred, &target)) {
_tprintf(TEXT("Query auth schemes
failed - %d.\n"), GetLastError());
break;
}
if (preferred !=
WINHTTP_AUTH_SCHEME_BASIC) {
_tprintf(TEXT("Server does not
supported clear text transfer.\n"));
break;
}
// Set credentials
if (!WinHttpSetCredentials(*hRequest,
target, preferred, username, password, NULL)) {
_tprintf(TEXT("Set credentials
failed - %d.\n"), GetLastError());
break;
}
lastStatus = statusCode;
}
return FALSE;
}
I have attached the trace log. Thank you so much!
Michelle
>.
>