System.Net网络编程--AuthenticationManager和IAuthenticationModule
AuthenticationManager——管理客户端身份验证过程中调用的身份验证模块。
public class Demo1
{
private static string username, password, domain, uri; // This method invoked when the user does not enter the required input parameters.
private static void showusage()
{
Console.WriteLine("Attempts to authenticate to a URL");
Console.WriteLine("\r\nUse one of the following:");
Console.WriteLine("\tcustomBasicAuthentication URL username password domain");
Console.WriteLine("\tcustomBasicAuthentication URL username password");
} // Display registered authentication modules.
private static void displayRegisteredModules()
{
// The AuthenticationManager calls all authentication modules sequentially
// until one of them responds with an authorization instance. Show
// the current registered modules.
IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
Console.WriteLine("\r\nThe following authentication modules are now registered with the system:");
while (registeredModules.MoveNext())
{
Console.WriteLine("\r \n Module : {0}", registeredModules.Current);
IAuthenticationModule currentAuthenticationModule = (IAuthenticationModule)registeredModules.Current;
Console.WriteLine("\t CanPreAuthenticate : {0}", currentAuthenticationModule.CanPreAuthenticate);
}
} private static void getPage(String url)
{
try
{
// 创建对象
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
req.Method = "GET";
if (domain == String.Empty)
{
req.Credentials = new NetworkCredential(username, password);
}
else
{
req.Credentials = new NetworkCredential(username, password, domain);
}
HttpWebResponse result = (HttpWebResponse)req.GetResponse();
Console.WriteLine("\nAuthentication Succeeded:");
Stream sData = result.GetResponseStream();
displayPageContent(sData);
}
catch (WebException e)
{
// Display any errors. In particular, display any protocol-related error.
if (e.Status == WebExceptionStatus.ProtocolError)
{
HttpWebResponse hresp = (HttpWebResponse)e.Response;
Console.WriteLine("\nAuthentication Failed, " + hresp.StatusCode);
Console.WriteLine("Status Code: " + (int)hresp.StatusCode);
Console.WriteLine("Status Description: " + hresp.StatusDescription);
return;
}
Console.WriteLine("Caught Exception: " + e.Message);
Console.WriteLine("Stack: " + e.StackTrace);
}
}
private static void displayPageContent(Stream ReceiveStream)
{
// 设置编码
Encoding ASCII = Encoding.ASCII;
Byte[] read = new Byte[]; Console.WriteLine("\r\nPage Content...\r\n");
//输出
int bytes = ReceiveStream.Read(read, , );
while (bytes > )
{
Console.Write(ASCII.GetString(read, , bytes));
bytes = ReceiveStream.Read(read, , );
}
Console.WriteLine("");
}
public static void Main(string[] args)
{ if (args.Length < )
showusage();
else
{ // Read the user's credentials.
uri = args[];
username = args[];
password = args[]; if (args.Length == )
domain = string.Empty;
else
domain = args[]; // Instantiate the custom Basic authentication module.
CustomBasic customBasicModule = new CustomBasic(); // Unregister the standard Basic authentication module.
AuthenticationManager.Unregister("Basic"); // Register the custom Basic authentication module.
AuthenticationManager.Register(customBasicModule); // Display registered authorization modules.
displayRegisteredModules(); // Read the specified page and display it on the console.
getPage(uri);
}
return;
} private void Test()
{ WindowsAuthenticationModule tt = new WindowsAuthenticationModule();
}
} // The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method. /// <summary>
/// 认证模块
/// </summary>
public class CustomBasic : IAuthenticationModule
{ private string m_authenticationType;
private bool m_canPreAuthenticate; // The CustomBasic constructor initializes the properties of the customized
// authentication.
public CustomBasic()
{
m_authenticationType = "Basic";
m_canPreAuthenticate = false;
} // Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
public string AuthenticationType
{
get
{
return m_authenticationType;
}
} // Define the pre-authentication capabilities for the module. The default is set
// to false.
public bool CanPreAuthenticate
{
get
{
return m_canPreAuthenticate;
}
} // The checkChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// domain name is equal to DOMAINNAME.
//校验规则和域名
public bool checkChallenge(string Challenge, string domain)
{
bool challengePasses = false; String tempChallenge = Challenge.ToUpper(); // Verify that this is a Basic authorization request and that the requested domain
// is correct.
// Note: When the domain is an empty string, the following code only checks
// whether the authorization type is Basic. if (tempChallenge.IndexOf("BASIC") != -)
if (domain != String.Empty)
if (tempChallenge.IndexOf(domain.ToUpper()) != -)
challengePasses = true;
else
// The domain is not allowed and the authorization type is Basic.
challengePasses = false;
else
// The domain is a blank string and the authorization type is Basic.
challengePasses = true; return challengePasses;
} // The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns null.
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
} // Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII; // Get the username and password from the credentials
NetworkCredential MyCreds = credentials.GetCredential(request.RequestUri, "Basic"); if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed."); // Verify that the challenge satisfies the authorization requirements.
bool challengeOk = checkChallenge(challenge, MyCreds.Domain); if (!challengeOk)
return null; // Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string BasicEncrypt = MyCreds.UserName + ":" + MyCreds.Password; string BasicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt));
//Basic 认证
Authorization resourceAuthorization = new Authorization(BasicToken); // Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}", resourceAuthorization.Message); // Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}", resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
}
上面的代码摘抄自:https://msdn.microsoft.com/zh-cn/library/system.net.authenticationmanager%28v=vs.100%29.aspx?f=255&MSPPError=-2147217396
IAuthenticationModule:为 Web 客户端身份验证模块提供基身份验证接口。
在web.config 中的设置,当使用window验证时,可以设置自己的验证方式。当IIS不选择匿名验证时,使用的也是window集成验证。
<system.web>
<compilation debug="true"> </compilation>
<!--
通过 <authentication> 节,可配置
ASP.NET 用于识别进入用户的
安全身份验证模式。
-->
<authentication mode="Windows" />
<!--
通过 <customErrors> 节,可以配置
在执行请求的过程中出现未处理的错误时要执行
的操作。具体而言,
开发人员通过该节可配置要显示的 html 错误页,
以代替错误堆栈跟踪。 <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="" redirect="NoAccess.htm" />
<error statusCode="" redirect="FileNotFound.htm" />
</customErrors>
--> </system.web>
<system.net>
<authenticationModules>
<add type="xxx"/>
</authenticationModules>
</system.net>
认证类:
BasicClient:Basic 认证
DigestClient:摘要认证
KerberosClient:Kerberos 认证
NegotiateClient:Negotiate 认证
NtlmClient:Ntlm 认证
认证的几种方式参考:http://blog.csdn.net/leafqing04/article/details/6434418
有什么不对的地方,麻烦指点一下,谢谢!
System.Net网络编程--AuthenticationManager和IAuthenticationModule的更多相关文章
- VB.NET中网络编程的另一种方案----system.net中的HttpWebRequest类的使用
VB.NET中网络编程的另一种方案---- system.net中的HttpWebRequest类的使用 在VB.net中进行网络编程,除了我之前写的随笔中的使用WinHttp组件进行编程,还有另一种 ...
- 24.2 网络编程基础——System.Net 命名空间
使用C#进行网络编程时,通常要用到: System. Net 命名空间. System. Net. Sockets 命名空间. System. Net. Mail 命名空间. 24.2.1 Sy ...
- 猫哥网络编程系列:HTTP PEM 万能调试法
注:本文内容较长且细节较多,建议先收藏再阅读,原文将在 Github 上维护与更新. 在 HTTP 接口开发与调试过程中,我们经常遇到以下类似的问题: 为什么本地环境接口可以调用成功,但放到手机上就跑 ...
- python select网络编程详细介绍
刚看了反应堆模式的原理,特意复习了socket编程,本文主要介绍python的基本socket使用和select使用,主要用于了解socket通信过程 一.socket模块 socket - Low- ...
- python网络编程-socket编程
一.服务端和客户端 BS架构 (腾讯通软件:server+client) CS架构 (web网站) C/S架构与socket的关系: 我们学习socket就是为了完成C/S架构的开发 二.OSI七层 ...
- Java 基础高级2 网络编程
1.协议的概念:通信双方事先约定好的通信规则 2七层网络通信协议:应用成,表示层,会话层,传输层,网络层,数据链路层 3.TCP/IP协议:点对点通信,三层握手,安全有保证 4.UDP协议;广播协议, ...
- python之网络编程
本地的进程间通信(IPC)有很多种方式,但可以总结为下面4类: 消息传递(管道.FIFO.消息队列) 同步(互斥量.条件变量.读写锁.文件和写记录锁.信号量) 共享内存(匿名的和具名的) 远程过程调用 ...
- 20145205 《Java程序设计》实验报告五:Java网络编程及安全
20145205 <Java程序设计>实验报告五:Java网络编程及安全 实验要求 1.掌握Socket程序的编写: 2.掌握密码技术的使用: 3.客户端中输入明文,利用DES算法加密,D ...
- 二十三、Java基础--------网络编程
Java中另一个重要技术就是网络编程了,为了更好的学习web方向的知识,有必要对java之网络编程好好学习,本文将围绕网络编程技术进行分析. 常见的网络协议:UDP.TCP UDP 1. 将数据源和目 ...
随机推荐
- 武汉科技大学ACM:1003: 华科版C语言程序设计教程(第二版)例题6.6.改编
Problem Description 小明明最喜欢学英语了,英语课从来不翘课,但是英语却一直没学好,因为上课一直在睡觉.为什么会睡觉呢,因为他觉得英文单词太长了.现在小明明有一个很长很长很长的单词, ...
- ubuntu自动挂载windows分区和开机自动启动wallproxy
1. 自动挂载windows分区 ubuntu默认是要点一下相应的盘符才会挂载windows分区的. 今天发现了ubuntu下最简单的自动挂载windows分区的办法.... :) 参考如下方法:ht ...
- linux笔记2.20
用户相关: /etc/passwd 用户信息 /etc/shadow 密码信息 /etc/group 组信息 添加用户: useradd -u -g 修改用户: usermod - ...
- JavaScript中的memorizing技术
今天看<JavaScript>设计模式第七章--工厂模式的时候接触到memorizing技术,简单的说就是对于某个方法,调用它的实例只在第一次调用它的时候才会进行方法中的计算,之后该实例再 ...
- 安全cookie登录状态设计方案
我们知道web是基于HTTP协议传输的,明文传输是极其危险的,随便哪个抓包工具分析下数据包,就over啦,一个加密的传输过程应该包括两部分,一部分为身份认证,用户鉴别这个用户的真伪:另外一部分为数据加 ...
- Symfony2源码分析——启动过程1
本文通过阅读分析Symfony2的源码,了解Symfony2启动过程中完成哪些工作,从阅读源码了解Symfony2框架. Symfony2的核心本质是把Request转换成Response的一个过程. ...
- Sicily 1034. Forest
题目地址:1034. Forest 思路: 网上很多说用深搜,很任性.......发现广搜也挺好用的,实验课打的(⊙o⊙)…orz........囧. 先找根结点,根据根结点广搜深度,广搜宽度,不过要 ...
- startActivityForResult案例
Info:startActivty 与 startActivityForResult区别 (1):startActivity 启动了其他Activity之后不会再回调过来,此时启动者与被启动者在启动后 ...
- MFC动态创建按钮,并在按钮上实现位图的切换显示
动态创建按钮,并在按钮中添加位图,通过单击按钮显示不同的位图,可设置为显示按钮按下和弹起两种状态.只要判断a值从而输入不同的响应代码. 1.在头文件中添加: CButton *pBtn; 2.在初始化 ...
- 检测鼠标键盘多久没有活动(使用GetLastInputInfo API函数检测)
DELPHI代码 unit Unit1; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Contro ...