AuthenticationManager 类
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
注意
AuthenticationManager is not supported. Methods will no-op or throw PlatformNotSupportedException.
管理客户端身份验证过程中调用的身份验证模块。
public ref class AuthenticationManagerpublic class AuthenticationManager[System.Obsolete("AuthenticationManager is not supported. Methods will no-op or throw PlatformNotSupportedException.", DiagnosticId="SYSLIB0009", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public class AuthenticationManagertype AuthenticationManager = class[<System.Obsolete("AuthenticationManager is not supported. Methods will no-op or throw PlatformNotSupportedException.", DiagnosticId="SYSLIB0009", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type AuthenticationManager = classPublic Class AuthenticationManager- 继承
-
AuthenticationManager
- 属性
示例
// This program shows how to create a custom Basic authentication module,
// how to register it via the AuthenticationManager class and how to authorize
// users to access a Web site.
// Note: In order to run this program you must create a test Web site that performs
// Basic authentication. Also you must add to your server machine a user whose
// credentials are the same you use in this program.
// Attention: Basic authenticastion sends the user's credentials over HTTP.
// Passwords and user names are encoded using Base64 encoding. Although the
// user information is encoded, it is considered insecure due to the fact that it
// could be deciphered relatively easily.
// If you must use basic authentication you are strongly adviced to use strong
// security mechanisms, such as SSL, when transfering sensitive information on
// the wire.
#using <System.dll>
using namespace System;
using namespace System::Net;
using namespace System::IO;
using namespace System::Text;
using namespace System::Collections;
// The TestAuthentication class performs the following main tasks:
// 1) It obtains the user's credentials.
// 2) Unregisters the standard Basic authentication.
// 3) Registers the customized Basic authentication.
// 4) Reads the selected page and displays it on the console.
ref class TestAuthentication
{
public:
static String^ username;
static String^ password;
static String^ ___domain;
static String^ uri;
// Show how to use this program.
static void showusage()
{
Console::WriteLine( "Attempts to authenticate to a URL" );
Console::WriteLine( "\r\nUse one of the following:" );
Console::WriteLine( "\tcustomBasicAuthentication URL username password ___domain" );
Console::WriteLine( "\tcustomBasicAuthentication URL username password" );
Console::WriteLine( "\r\nExample:" );
Console::WriteLine( "\tcustomBasicAuthentication http://ndpue/ncl/ basicuser basic.101 ndpue" );
}
// Display registered authentication modules.
static void displayRegisteredModules()
{
// The AuthenticationManager calls all authentication modules sequentially
// until one of them responds with an authorization instance. Show
// the current registered modules, for testing purposes.
IEnumerator^ registeredModules = AuthenticationManager::RegisteredModules;
Console::WriteLine( "\r\nThe following authentication modules are now registered with the system" );
while ( registeredModules->MoveNext() )
{
Console::WriteLine( "\r \n Module : {0}", registeredModules->Current );
IAuthenticationModule^ currentAuthenticationModule = dynamic_cast<IAuthenticationModule^>(registeredModules->Current);
Console::WriteLine( "\t CanPreAuthenticate : {0}", currentAuthenticationModule->CanPreAuthenticate );
}
}
// The getPage method accesses the selected page an displays its content
// on the console.
static void getPage( String^ url )
{
try
{
// Create the Web request object.
HttpWebRequest^ req = dynamic_cast<HttpWebRequest^>(WebRequest::Create( url ));
// Define the request access method.
req->Method = "GET";
// Define the request credentials according to the user's input.
if ( String::Compare( ___domain, String::Empty ) == 0 )
req->Credentials = gcnew NetworkCredential( username,password ); // If the user's specifies the Internet resource ___domain, this usually
else
req->Credentials = gcnew NetworkCredential( username,password,___domain );
// is by default the name of the sever hosting the resource.
// Issue the request.
// req->GetResponse();
HttpWebResponse^ result = dynamic_cast<HttpWebResponse^>(req->GetResponse());
Console::WriteLine( "\nAuthentication Succeeded:" );
// Store the response.
Stream^ sData = result->GetResponseStream();
// Display the response.
displayPageContent( sData );
}
catch ( WebException^ e )
{
// Display the error, if any. In particular display protocol
// related error.
if ( e->Status == WebExceptionStatus::ProtocolError )
{
HttpWebResponse^ hresp = dynamic_cast<HttpWebResponse^>(e->Response);
Console::WriteLine( "\nAuthentication Failed, {0}", hresp->StatusCode );
Console::WriteLine( "Status Code: {0}", (int)hresp->StatusCode );
Console::WriteLine( "Status Description: {0}", hresp->StatusDescription );
return;
}
Console::WriteLine( "Caught Exception: {0}", e->Message );
Console::WriteLine( "Stack: {0}", e->StackTrace );
}
}
// The displayPageContent method display the content of the
// selected page.
static void displayPageContent( Stream^ ReceiveStream )
{
// Create an ASCII encoding object.
Encoding^ ASCII = Encoding::ASCII;
// Define the Byte array to temporary hold the current read bytes.
array<Byte>^read = gcnew array<Byte>(512);
Console::WriteLine( "\r\nPage Content...\r\n" );
// Read the page content and display it on the console.
// Read the first 512 bytes.
int bytes = ReceiveStream->Read( read, 0, 512 );
while ( bytes > 0 )
{
Console::Write( ASCII->GetString( read, 0, bytes ) );
bytes = ReceiveStream->Read( read, 0, 512 );
}
Console::WriteLine( "" );
}
};
// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. In particular it performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Impements the Authenticate method.
public ref class CustomBasic: public IAuthenticationModule
{
private:
String^ m_authenticationType;
bool m_canPreAuthenticate;
public:
// The CustomBasic constructor initializes the properties of the customized
// authentication.
CustomBasic()
{
m_authenticationType = "Basic";
m_canPreAuthenticate = false;
}
property String^ AuthenticationType
{
// Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
virtual String^ get()
{
return m_authenticationType;
}
}
property bool CanPreAuthenticate
{
// Define the pre-authentication capabilities for the module. The default is set
// to false.
virtual bool get()
{
return m_canPreAuthenticate;
}
}
// The checkChallenge method checks if the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct ___domain name.
// Note: the challenge is in the form BASIC REALM=S"DOMAINNAME"
// and you must assure that the Internet Web site resides on a server whose
// ___domain name is equal to DOMAINAME.
bool checkChallenge( String^ Challenge, String^ ___domain )
{
bool challengePasses = false;
String^ tempChallenge = Challenge->ToUpper();
// Verify that this is a Basic authorization request and the requested ___domain
// is correct.
// Note: When the ___domain is an empty string the following code only checks
// whether the authorization type is Basic.
if ( tempChallenge->IndexOf( "BASIC" ) != -1 )
if ( String::Compare( ___domain, String::Empty ) != 0 )
if ( tempChallenge->IndexOf( ___domain->ToUpper() ) != -1 )
challengePasses = true; // The ___domain is not allowed and the authorization type is Basic.
else
challengePasses = false;
else
challengePasses = true;
return challengePasses;
}
// The PreAuthenticate method specifies if the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implemebtation.
// In this case it always returns null.
virtual Authorization^ PreAuthenticate( WebRequest^ request, ICredentials^ credentials )
{
return nullptr;
}
// Authenticate is the core method for this custom authentication.
// When an internet resource requests authentication, the WebRequest::GetResponse
// method calls the AuthenticationManager::Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest, as
// shown by this routine's retun type.
virtual Authorization^ Authenticate( String^ challenge, WebRequest^ request, ICredentials^ credentials )
{
Encoding^ ASCII = Encoding::ASCII;
// Get the username and password from the credentials
NetworkCredential^ MyCreds = credentials->GetCredential( request->RequestUri, "Basic" );
if ( PreAuthenticate( request, credentials ) == nullptr )
Console::WriteLine( "\n Pre-authentication is not allowed." );
else
Console::WriteLine( "\n Pre-authentication is allowed." );
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = checkChallenge( challenge, MyCreds->Domain );
if ( !challengeOk )
return nullptr;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 Encoding to this array of bytes to obtain the encoded
// authorization.
String^ BasicEncrypt = String::Concat( MyCreds->UserName, ":", MyCreds->Password );
String^ BasicToken = String::Concat( "Basic ", Convert::ToBase64String( ASCII->GetBytes( BasicEncrypt ) ) );
// Create an Authorization object using the above encoded authorization.
Authorization^ resourceAuthorization = gcnew Authorization( BasicToken );
// Get the Message property which contains the authorization string that the
// client returns to the server when accessing protected resources
Console::WriteLine( "\n Authorization Message: {0}", resourceAuthorization->Message );
// Get the Complete property which is set to true when the authentication process
// between the client and the server is finished.
Console::WriteLine( "\n Authorization Complete: {0}", resourceAuthorization->Complete );
Console::WriteLine( "\n Authorization ConnectionGroupId: {0}", resourceAuthorization->ConnectionGroupId );
return resourceAuthorization;
}
};
// This is the program entry point. It allows the user to enter
// her credentials and the Internet resource (Web page) to access.
// It also unregisters the standard and registers the customized basic
// authentication.
int main()
{
array<String^>^args = Environment::GetCommandLineArgs();
if ( args->Length < 4 )
TestAuthentication::showusage();
else
{
// Read the user's credentials.
TestAuthentication::uri = args[ 1 ];
TestAuthentication::username = args[ 2 ];
TestAuthentication::password = args[ 3 ];
if ( args->Length == 4 )
TestAuthentication::___domain = String::Empty; // If the ___domain exists, store it. Usually the ___domain name
else
TestAuthentication::___domain = args[ 4 ];
// is by default the name of the server hosting the Internet
// resource.
// Instantiate the custom Basic authentication module.
CustomBasic^ customBasicModule = gcnew CustomBasic;
// Unregister the standard Basic authentication module.
AuthenticationManager::Unregister( "Basic" );
// Register the custom Basic authentication module.
AuthenticationManager::Register( customBasicModule );
// Display registered Authorization modules.
TestAuthentication::displayRegisteredModules();
// Read the specified page and display it on the console.
TestAuthentication::getPage( TestAuthentication::uri );
}
}
// The following example shows how to create a custom Basic authentication module,
// how to register it using the AuthenticationManager class and how to authorize
// users to access a Web site.
// Note: To run this program you must create a test Web site that performs
// Basic authentication. Also you must add to your server machine a user whose
// credentials are the same as the ones you use in this program.
// Attention: Basic authentication sends the user's credentials over HTTP.
// Passwords and user names are encoded using Base64 encoding. Although the
// user information is encoded, it is considered insecure becasue it could be deciphered
// relatively easily.
// If you must use Basic authentication you are strongly advised to use strong
// security mechanisms, such as SSL, when transferring sensitive information.
using System;
using System.Net;
using System.IO;
using System.Text;
using System.Collections;
namespace Mssc.Services.Authentication
{
// The TestAuthentication class performs the following main tasks:
// 1) Obtains the user's credentials.
// 2) Unregisters the standard Basic authentication.
// 3) Registers the custom Basic authentication.
// 4) Reads the selected page and displays it on the console.
class TestAuthentication
{
private static string username, password, ___domain, uri;
// This method invoked when the user does not enter the required input parameters.
private static void ShowUsage()
{
Console.WriteLine("Attempts to authenticate to a URL");
Console.WriteLine("\r\nUse one of the following:");
Console.WriteLine("\tcustomBasicAuthentication URL username password ___domain");
Console.WriteLine("\tcustomBasicAuthentication URL username password");
}
// Display registered authentication modules.
private static void DisplayRegisteredModules()
{
// The AuthenticationManager calls all authentication modules sequentially
// until one of them responds with an authorization instance. Show
// the current registered modules.
IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
Console.WriteLine("\r\nThe following authentication modules are now registered with the system:");
while(registeredModules.MoveNext())
{
Console.WriteLine("\r \n Module : {0}",registeredModules.Current);
IAuthenticationModule currentAuthenticationModule = (IAuthenticationModule)registeredModules.Current;
Console.WriteLine("\t CanPreAuthenticate : {0}",currentAuthenticationModule.CanPreAuthenticate);
}
}
// The GetPage method accesses the selected page and displays its content
// on the console.
private static void GetPage(String url)
{
try
{
// Create the Web request object.
HttpWebRequest req = (HttpWebRequest) WebRequest.Create(url);
// Define the request access method.
req.Method = "GET";
// Define the request credentials according to the user's input.
if (string.IsNullOrEmpty(___domain))
req.Credentials = new NetworkCredential(username, password);
else
// If the user does not specify the Internet resource ___domain, this usually
// is by default the name of the sever hosting the resource.
req.Credentials = new NetworkCredential(username, password, ___domain);
// Issue the request.
using HttpWebResponse result = (HttpWebResponse) req.GetResponse();
Console.WriteLine("\nAuthentication Succeeded:");
// Store the response.
Stream sData = result.GetResponseStream();
// Display the response.
DisplayPageContent(sData);
}
catch (WebException e)
{
// Display any errors. In particular, display any protocol-related error.
if (e.Status == WebExceptionStatus.ProtocolError)
{
HttpWebResponse hresp = (HttpWebResponse) e.Response;
Console.WriteLine("\nAuthentication Failed, " + hresp.StatusCode);
Console.WriteLine("Status Code: " + (int) hresp.StatusCode);
Console.WriteLine("Status Description: " + hresp.StatusDescription);
return;
}
Console.WriteLine("Caught Exception: " + e.Message);
Console.WriteLine("Stack: " + e.StackTrace);
}
}
// The DisplayPageContent method display the content of the
// selected page.
private static void DisplayPageContent(Stream ReceiveStream)
{
// Create an ASCII encoding object.
Encoding ASCII = Encoding.ASCII;
// Define the byte array to temporarily hold the current read bytes.
Byte[] read = new Byte[512];
Console.WriteLine("\r\nPage Content...\r\n");
// Read the page content and display it on the console.
// Read the first 512 bytes.
int bytes = ReceiveStream.Read(read, 0, 512);
while (bytes > 0)
{
Console.Write(ASCII.GetString(read, 0, bytes));
bytes = ReceiveStream.Read(read, 0, 512);
}
Console.WriteLine("");
}
// This is the program entry point. It allows the user to enter
// her credentials and the Internet resource (Web page) to access.
// It also unregisters the standard and registers the customized Basic
// authentication.
public static void Main(string[] args)
{
if (args.Length < 3)
{
ShowUsage();
}
else
{
// Read the user's credentials.
uri = args[0];
username = args[1];
password = args[2];
if (args.Length == 3)
___domain = string.Empty;
else
// If the ___domain exists, store it. Usually the ___domain name
// is by default the name of the server hosting the Internet
// resource.
___domain = args[3];
// Instantiate the custom Basic authentication module.
CustomBasic customBasicModule = new CustomBasic();
// Unregister the standard Basic authentication module.
AuthenticationManager.Unregister("Basic");
// Register the custom Basic authentication module.
AuthenticationManager.Register(customBasicModule);
// Display registered authorization modules.
DisplayRegisteredModules();
// Read the specified page and display it on the console.
GetPage(uri);
}
return;
}
}
// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.
public class CustomBasic : IAuthenticationModule
{
// Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
public string AuthenticationType { get; } = "Basic";
// Define the pre-authentication capabilities for the module. The default is set
// to false.
public bool CanPreAuthenticate { get; }
// The CheckChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct ___domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// ___domain name is equal to DOMAINNAME.
public bool CheckChallenge(string challenge, string ___domain)
{
bool challengePasses = false;
String tempChallenge = challenge.ToUpper();
// Verify that this is a Basic authorization request and that the requested ___domain
// is correct.
// Note: When the ___domain is an empty string, the following code only checks
// whether the authorization type is Basic.
if (tempChallenge.IndexOf("BASIC") != -1)
if (!string.IsNullOrEmpty(___domain))
if (tempChallenge.IndexOf(___domain.ToUpper()) != -1)
challengePasses = true;
else
// The ___domain is not allowed and the authorization type is Basic.
challengePasses = false;
else
// The ___domain is a blank string and the authorization type is Basic.
challengePasses = true;
return challengePasses;
}
// The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns null.
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
}
// Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII;
// Get the username and password from the credentials
NetworkCredential myCreds = credentials.GetCredential(request.RequestUri, "Basic");
if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed.");
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = CheckChallenge(challenge, myCreds.Domain);
if (!challengeOk)
return null;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string basicEncrypt = myCreds.UserName + ":" + myCreds.Password;
string basicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(basicEncrypt));
// Create an Authorization object using the encoded authorization above.
Authorization resourceAuthorization = new Authorization(basicToken);
// Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);
// Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
}
}
' The following example shows how to create a custom Basic authentication module,
' how to register it using the AuthenticationManager class and how to authorize
' users to access a Web site.
' Note: To run this program you must create a test Web site that performs
' Basic authentication. Also you must add to your server machine a user whose
' credentials are the same as the ones you use in this program.
' Attention: Basic authentication sends the user's credentials over HTTP.
' Passwords and user names are encoded using Base64 encoding. Although the
' user information is encoded, it is considered insecure becasue it could be deciphered
' relatively easily.
' If you must use Basic authentication you are strongly advised to use strong
' security mechanisms, such as SSL, when transferring sensitive information.
Imports System.Net
Imports System.IO
Imports System.Text
Imports System.Collections
Namespace Mssc.Services.Authentication
Module TestingAuthentication
' The TestAuthentication class performs the following main tasks:
' 1) Obtains the user's credentials.
' 2) Unregisters the standard Basic authentication.
' 3) Registers the custom Basic authentication.
' 4) Reads the selected page and displays it on the console.
Class TestAuthentication
Private Shared username, password, ___domain, uri As String
'This method invoked when the user does not enter the required input parameters.
Private Shared Sub showusage()
Console.WriteLine("Attempts to authenticate to a URL")
Console.WriteLine(ControlChars.Cr + ControlChars.Lf + "Use one of the following:")
Console.WriteLine(ControlChars.Tab + "customBasicAuthentication URL username password ___domain")
Console.WriteLine(ControlChars.Tab + "customBasicAuthentication URL username password")
End Sub
' Display registered authentication modules.
Private Shared Sub displayRegisteredModules()
' The AuthenticationManager calls all authentication modules sequentially
' until one of them responds with an authorization instance. Show
' the current registered modules.
Dim registeredModules As IEnumerator = AuthenticationManager.RegisteredModules
Console.WriteLine(ControlChars.Cr + ControlChars.Lf + "The following authentication modules are now registered with the system:")
While registeredModules.MoveNext()
Console.WriteLine(ControlChars.Cr + " " + ControlChars.Lf + " Module : {0}", registeredModules.Current)
Dim currentAuthenticationModule As IAuthenticationModule = CType(registeredModules.Current, IAuthenticationModule)
Console.WriteLine(ControlChars.Tab + " CanPreAuthenticate : {0}", currentAuthenticationModule.CanPreAuthenticate)
End While
End Sub
' The getPage method accesses the selected page and displays its content
' on the console.
Private Shared Sub getPage(ByVal url As [String])
Try
' Create the Web request object.
Dim req As HttpWebRequest = CType(WebRequest.Create(url), HttpWebRequest)
' Define the request access method.
req.Method = "GET"
' Define the request credentials according to the user's input.
If ___domain = [String].Empty Then
req.Credentials = New NetworkCredential(username, password)
' If the user does not specify the Internet resource ___domain, this usually
' is by default the name of the sever hosting the resource.
Else
req.Credentials = New NetworkCredential(username, password, ___domain)
End If
' Issue the request.
Dim result As HttpWebResponse = CType(req.GetResponse(), HttpWebResponse)
Console.WriteLine(ControlChars.Lf + "Authentication Succeeded:")
' Store the response.
Dim sData As Stream = result.GetResponseStream()
' Display the response.
displayPageContent(sData)
Catch e As WebException
' Display any errors. In particular, display any protocol-related error.
If e.Status = WebExceptionStatus.ProtocolError Then
Dim hresp As HttpWebResponse = CType(e.Response, HttpWebResponse)
Console.WriteLine((ControlChars.Lf + "Authentication Failed, " + hresp.StatusCode))
Console.WriteLine(("Status Code: " + Fix(hresp.StatusCode)))
Console.WriteLine(("Status Description: " + hresp.StatusDescription))
Return
End If
Console.WriteLine(("Caught Exception: " + e.Message))
Console.WriteLine(("Stack: " + e.StackTrace))
End Try
End Sub
' The displayPageContent method display the content of the
' selected page.
Private Shared Sub displayPageContent(ByVal ReceiveStream As Stream)
' Create an ASCII encoding object.
Dim ASCII As Encoding = Encoding.ASCII
' Define the byte array to temporarily hold the current read bytes.
Dim read(511) As [Byte]
Console.WriteLine(ControlChars.Cr + ControlChars.Lf + "Page Content..." + ControlChars.Cr + ControlChars.Lf)
' Read the page content and display it on the console.
' Read the first 512 bytes.
Dim bytes As Integer = ReceiveStream.Read(read, 0, 512)
While bytes > 0
Console.Write(ASCII.GetString(read, 0, bytes))
bytes = ReceiveStream.Read(read, 0, 512)
End While
Console.WriteLine("")
End Sub
'Entry point which delegates to C-style main Private Function
'Public Overloads Sub Main(ByVal args() As String)
' Main(System.Environment.GetCommandLineArgs())
'End Sub
' This is the program entry point. It allows the user to enter
' her credentials and the Internet resource (Web page) to access.
' It also unregisters the standard and registers the customized Basic
' authentication.
Public Shared Sub Main(ByVal args() As String)
If args.Length < 3 Then
showusage()
Else
' Read the user's credentials.
uri = args(0)
username = args(1)
password = args(2)
If args.Length = 3 Then
___domain = String.Empty
' If the ___domain exists, store it. Usually the ___domain name
' is by default the name of the server hosting the Internet
' resource.
Else
___domain = args(3)
End If
' Instantiate the custom Basic authentication module.
Dim customBasicModule As New CustomBasic()
' Unregister the standard Basic authentication module.
AuthenticationManager.Unregister("Basic")
' Register the custom Basic authentication module.
AuthenticationManager.Register(customBasicModule)
' Display registered authorization modules.
displayRegisteredModules()
' Read the specified page and display it on the console.
getPage(uri)
End If
Return
End Sub
End Class
' The CustomBasic class creates a custom Basic authentication by implementing the
' IAuthenticationModule interface. It performs the following
' tasks:
' 1) Defines and initializes the required properties.
' 2) Implements the Authenticate and PreAuthenticate methods.
Public Class CustomBasic
Implements IAuthenticationModule
Private m_authenticationType As String
Private m_canPreAuthenticate As Boolean
' The CustomBasic constructor initializes the properties of the customized
' authentication.
Public Sub New()
m_authenticationType = "Basic"
m_canPreAuthenticate = False
End Sub
' Define the authentication type. This type is then used to identify this
' custom authentication module. The default is set to Basic.
Public ReadOnly Property AuthenticationType() As String _
Implements IAuthenticationModule.AuthenticationType
Get
Return m_authenticationType
End Get
End Property
' Define the pre-authentication capabilities for the module. The default is set
' to false.
Public ReadOnly Property CanPreAuthenticate() As Boolean _
Implements IAuthenticationModule.CanPreAuthenticate
Get
Return m_canPreAuthenticate
End Get
End Property
' The checkChallenge method checks whether the challenge sent by the HttpWebRequest
' contains the correct type (Basic) and the correct ___domain name.
' Note: The challenge is in the form BASIC REALM="DOMAINNAME";
' the Internet Web site must reside on a server whose
' ___domain name is equal to DOMAINNAME.
Public Function checkChallenge(ByVal Challenge As String, ByVal ___domain As String) As Boolean
Dim challengePasses As Boolean = False
Dim tempChallenge As [String] = Challenge.ToUpper()
' Verify that this is a Basic authorization request and that the requested ___domain
' is correct.
' Note: When the ___domain is an empty string, the following code only checks
' whether the authorization type is Basic.
If tempChallenge.IndexOf("BASIC") <> -1 Then
If ___domain <> [String].Empty Then
If tempChallenge.IndexOf(___domain.ToUpper()) <> -1 Then
challengePasses = True
' The ___domain is not allowed and the authorization type is Basic.
Else
challengePasses = False
End If
' The ___domain is a blank string and the authorization type is Basic.
Else
challengePasses = True
End If
End If
Return challengePasses
End Function 'checkChallenge
' The PreAuthenticate method specifies whether the authentication implemented
' by this class allows pre-authentication.
' Even if you do not use it, this method must be implemented to obey to the rules
' of interface implementation.
' In this case it always returns null.
Public Function PreAuthenticate(ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.PreAuthenticate
Return Nothing
End Function 'PreAuthenticate
' Authenticate is the core method for this custom authentication.
' When an Internet resource requests authentication, the WebRequest.GetResponse
' method calls the AuthenticationManager.Authenticate method. This method, in
' turn, calls the Authenticate method on each of the registered authentication
' modules, in the order in which they were registered. When the authentication is
' complete an Authorization object is returned to the WebRequest.
Public Function Authenticate(ByVal challenge As String, ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.Authenticate
Dim ASCII As Encoding = Encoding.ASCII
' Get the username and password from the credentials
Dim MyCreds As NetworkCredential = credentials.GetCredential(request.RequestUri, "Basic")
If PreAuthenticate(request, credentials) Is Nothing Then
Console.WriteLine(ControlChars.Lf + " Pre-authentication is not allowed.")
Else
Console.WriteLine(ControlChars.Lf + " Pre-authentication is allowed.")
End If
' Verify that the challenge satisfies the authorization requirements.
Dim challengeOk As Boolean = checkChallenge(challenge, MyCreds.Domain)
If Not challengeOk Then
Return Nothing
End If
' Create the encrypted string according to the Basic authentication format as
' follows:
' a)Concatenate the username and password separated by colon;
' b)Apply ASCII encoding to obtain a stream of bytes;
' c)Apply Base64 encoding to this array of bytes to obtain the encoded
' authorization.
Dim BasicEncrypt As String = MyCreds.UserName + ":" + MyCreds.Password
Dim BasicToken As String = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))
' Create an Authorization object using the encoded authorization above.
Dim resourceAuthorization As New Authorization(BasicToken)
' Get the Message property, which contains the authorization string that the
' client returns to the server when accessing protected resources.
Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}", resourceAuthorization.Message)
' Get the Complete property, which is set to true when the authentication process
' between the client and the server is finished.
Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}", resourceAuthorization.Complete)
Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId)
Return resourceAuthorization
End Function 'Authenticate
End Class
End Module
End Namespace
注解
AuthenticationManager 是一个静态类,用于管理应用程序使用的身份验证模块。 向受保护的资源发出请求时, 会 AuthenticationManager 调用 Authenticate 方法以获取 Authorization 在后续请求中使用的实例。
通过 AuthenticationManager 为每个模块调用 IAuthenticationModule.Authenticate 方法,查询每个已注册的身份验证模块。 返回实例的第一个 Authorization 身份验证模块用于对请求进行身份验证。
默认情况下,提供基本、摘要、协商、NTLM 和 Kerberos 身份验证类型的模块注册到 AuthenticationManager 。 可以使用 方法添加Register实现 IAuthenticationModule 接口的其他身份验证模块。 身份验证模块按照将其添加到列表中的顺序进行调用。
属性
| CredentialPolicy |
已过时.
获取或设置凭据策略,该凭据策略将用于使用 HttpWebRequest 类发出的资源请求。 |
| CustomTargetNameDictionary |
已过时.
获取包含服务主体名称 (SPN) 的字典,这些 SPN 用于在 Kerberos 身份验证期间为使用 WebRequest 及其派生类发出的请求标识主机。 |
| RegisteredModules |
已过时.
获取注册到身份验证管理器中的身份验证模块的列表。 |
方法
| Authenticate(String, WebRequest, ICredentials) |
已过时.
调用每个已注册的身份验证模块以查找第一个可响应身份验证请求的模块。 |
| Equals(Object) |
已过时.
确定指定对象是否等于当前对象。 (继承自 Object) |
| GetHashCode() |
已过时.
作为默认哈希函数。 (继承自 Object) |
| GetType() |
已过时.
获取当前实例的 Type。 (继承自 Object) |
| MemberwiseClone() |
已过时.
创建当前 Object 的浅表副本。 (继承自 Object) |
| PreAuthenticate(WebRequest, ICredentials) |
已过时.
预身份验证请求。 |
| Register(IAuthenticationModule) |
已过时.
向身份验证管理器注册身份验证模块。 |
| ToString() |
已过时.
返回表示当前对象的字符串。 (继承自 Object) |
| Unregister(IAuthenticationModule) |
已过时.
将指定的身份验证模块从已注册的模块列表中移除。 |
| Unregister(String) |
已过时.
将具有指定身份验证方案的身份验证模块从已注册模块列表中移除。 |
