Dynamic Web TWAIN: Upload image with Forms-Based Authentication in ASP.NET Application

Scenario

This issue has been fixed since Dynamic Web TWAIN version 10 Chrome&Firefox Edition. Please don't hesitate to try out the latest version. Edition Comparison>>

In Dynamic Web TWAIN, we can use HTTPUploadThroughPost method to upload image to the server. But if you use Forms-Based Authentication in Your ASP.NET Application, you might not be able to upload the image successfully. Because the action page will verify the login information for the HTTP post request, and by default the HTTPUploadThroughPost does not pass the login information to the action page.

Error Message

ErrorString - "HTTP process error".
HTTPPostResponseString - The whole HTML code of the login page.

Solutions

  1. In the code behind of the page that renders the control, use RegisterStartupScript to set the DWObject.SetCookie() to the Request.Headers("Cookie") value. [Special thanks to Perry]. Please download a sample from here.
  2. However, the auto-generated cookie is often marked HttpOnly and becomes invisible for JavaScript. In this case, we can generate a cookie manually and pass it to the client browser. Below are the steps:
    1. Go to the login page, and make sure you have stored the login information in the HTTP cookie. At a later stage, we will pass the HTTP cookie to the action page for authentication.Example (generating a cookie in the login page):
      • Create a FormsAuthenticationTicket.
      • Get the encrypt cookie string.
      • Create a HTTP cookie.
      • Add the cookie to the response cookie, so JavaScript can access this cookie

    2. Go to the scan page, and add below code before you call HTTPUploadThroughPost method.
      DWObject.SetCookie(document.cookie);

      Note:

      Please change 'DWObject' according to your application.

      Thus, the cookie will be attached to the HTTP post request and the action page will use the cookie to verify the login information.

      Please NOTE that in the Web.Config file, the settings for Forms Authentication should be like:

      <authentication mode="Forms">

      <forms name="testform" loginUrl="login.aspx" domain="localhost" defaultUrl="default.aspx" path="/" timeout="2">

      </forms>

      </authentication>

      Especially, the "Domain" attribute is necessary here, please change it to your own domain.