I am developing ASP.net application which consumes REST services with ASP.Net Web API. I am trying to use Basic authentication for my website. I plan to use it with SSL once I complete Basic authentication.

Currently on Login button click I am sending Auth header using Base64 encoding of username and password as shown below:

        string responseData = string.Empty;            
        string authToken = string.Empty;
        string loginInstance = url;

        // Create request.
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(loginInstance);
        request.Method = "POST";
        request.ContentType = "application/json";
        request.CookieContainer = new CookieContainer();
        String username = txtUserName.Text;
        String password = txtPassword.Text;
        String encoded = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(username + ":" + password));
        request.Headers.Add("Authorization", "Basic " + encoded);
        request.ContentLength = 0;


        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        StreamReader reader = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
        String resultData = reader.ReadToEnd();
        bool result = false;
        result = Convert.ToBoolean(resultData);
        return result;

I assume I will need to send authentication header to all of those web api requests that needs to be secure and pass through authentciation.

Is there a way to attach authentication header to every request that I send or even to a set of requests? Please note: most of the Web API requests are invoked through JQuery.

Also please let me know if this is not recommended approach of implementation.

Regards,

Abhilash

Have you try like this :

 WebRequest request = (HttpWebRequest)WebRequest.Create("https://yoururl");
request.Headers.Add(HttpRequestHeader.Authorization, "Basic " + Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes("user:password")));

basic http authentication in asp.net web api using message handlers. http://www.piotrwalat.net/basic-http-authentication-in-asp-net-web-api-using-message-handlers/

Can you try with below code inplace of "request.Headers.Add("Authorization", "Basic " + encoded);" .

  request.Headers.Add(HttpRequestHeader.Authorization, "Basic " + 
  Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes("user:password")));

I believe you can just add

request.PreAuthenticare = true

You may look for HttpWebRequest.Credentials Property.

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(loginInstance);
request.Credentials = CredentialCache.DefaultCredentials;

Above example contains the credentials of the currently logged on user.

"The Credentials property can be either a NetworkCredential, in which case the user, password, and domain information contained in the NetworkCredential object is used to authenticate the request, or it can be a CredentialCache".

MSDN Reference