AuthenticationManager——管理客户端身份验证过程中调用的身份验证模块。
public class Demo1 { private static string username, password, domain, uri; // This method invoked when the user does not enter the required input parameters. private static void showusage() { Console.WriteLine("Attempts to authenticate to a URL"); Console.WriteLine(" Use one of the following:"); Console.WriteLine(" customBasicAuthentication URL username password domain"); Console.WriteLine(" customBasicAuthentication URL username password"); } // Display registered authentication modules. private static void displayRegisteredModules() { // The AuthenticationManager calls all authentication modules sequentially // until one of them responds with an authorization instance. Show // the current registered modules. IEnumerator registeredModules = AuthenticationManager.RegisteredModules; Console.WriteLine(" The following authentication modules are now registered with the system:"); while (registeredModules.MoveNext()) { Console.WriteLine(" Module : {0}", registeredModules.Current); IAuthenticationModule currentAuthenticationModule = (IAuthenticationModule)registeredModules.Current; Console.WriteLine(" CanPreAuthenticate : {0}", currentAuthenticationModule.CanPreAuthenticate); } } private static void getPage(String url) { try { // 创建对象 HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url); req.Method = "GET"; if (domain == String.Empty) { req.Credentials = new NetworkCredential(username, password); } else { req.Credentials = new NetworkCredential(username, password, domain); } HttpWebResponse result = (HttpWebResponse)req.GetResponse(); Console.WriteLine(" Authentication Succeeded:"); Stream sData = result.GetResponseStream(); displayPageContent(sData); } catch (WebException e) { // Display any errors. In particular, display any protocol-related error. if (e.Status == WebExceptionStatus.ProtocolError) { HttpWebResponse hresp = (HttpWebResponse)e.Response; Console.WriteLine(" Authentication Failed, " + hresp.StatusCode); Console.WriteLine("Status Code: " + (int)hresp.StatusCode); Console.WriteLine("Status Description: " + hresp.StatusDescription); return; } Console.WriteLine("Caught Exception: " + e.Message); Console.WriteLine("Stack: " + e.StackTrace); } } private static void displayPageContent(Stream ReceiveStream) { // 设置编码 Encoding ASCII = Encoding.ASCII; Byte[] read = new Byte[512]; Console.WriteLine(" Page Content... "); //输出 int bytes = ReceiveStream.Read(read, 0, 512); while (bytes > 0) { Console.Write(ASCII.GetString(read, 0, bytes)); bytes = ReceiveStream.Read(read, 0, 512); } Console.WriteLine(""); } public static void Main(string[] args) { if (args.Length < 3) showusage(); else { // Read the user's credentials. uri = args[0]; username = args[1]; password = args[2]; if (args.Length == 3) domain = string.Empty; else domain = args[3]; // Instantiate the custom Basic authentication module. CustomBasic customBasicModule = new CustomBasic(); // Unregister the standard Basic authentication module. AuthenticationManager.Unregister("Basic"); // Register the custom Basic authentication module. AuthenticationManager.Register(customBasicModule); // Display registered authorization modules. displayRegisteredModules(); // Read the specified page and display it on the console. getPage(uri); } return; } private void Test() { WindowsAuthenticationModule tt = new WindowsAuthenticationModule(); } } // The CustomBasic class creates a custom Basic authentication by implementing the // IAuthenticationModule interface. It performs the following // tasks: // 1) Defines and initializes the required properties. // 2) Implements the Authenticate method. /// <summary> /// 认证模块 /// </summary> public class CustomBasic : IAuthenticationModule { private string m_authenticationType; private bool m_canPreAuthenticate; // The CustomBasic constructor initializes the properties of the customized // authentication. public CustomBasic() { m_authenticationType = "Basic"; m_canPreAuthenticate = false; } // Define the authentication type. This type is then used to identify this // custom authentication module. The default is set to Basic. public string AuthenticationType { get { return m_authenticationType; } } // Define the pre-authentication capabilities for the module. The default is set // to false. public bool CanPreAuthenticate { get { return m_canPreAuthenticate; } } // The checkChallenge method checks whether the challenge sent by the HttpWebRequest // contains the correct type (Basic) and the correct domain name. // Note: The challenge is in the form BASIC REALM="DOMAINNAME"; // the Internet Web site must reside on a server whose // domain name is equal to DOMAINNAME. //校验规则和域名 public bool checkChallenge(string Challenge, string domain) { bool challengePasses = false; String tempChallenge = Challenge.ToUpper(); // Verify that this is a Basic authorization request and that the requested domain // is correct. // Note: When the domain is an empty string, the following code only checks // whether the authorization type is Basic. if (tempChallenge.IndexOf("BASIC") != -1) if (domain != String.Empty) if (tempChallenge.IndexOf(domain.ToUpper()) != -1) challengePasses = true; else // The domain is not allowed and the authorization type is Basic. challengePasses = false; else // The domain is a blank string and the authorization type is Basic. challengePasses = true; return challengePasses; } // The PreAuthenticate method specifies whether the authentication implemented // by this class allows pre-authentication. // Even if you do not use it, this method must be implemented to obey to the rules // of interface implementation. // In this case it always returns null. public Authorization PreAuthenticate(WebRequest request, ICredentials credentials) { return null; } // Authenticate is the core method for this custom authentication. // When an Internet resource requests authentication, the WebRequest.GetResponse // method calls the AuthenticationManager.Authenticate method. This method, in // turn, calls the Authenticate method on each of the registered authentication // modules, in the order in which they were registered. When the authentication is // complete an Authorization object is returned to the WebRequest. public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials) { Encoding ASCII = Encoding.ASCII; // Get the username and password from the credentials NetworkCredential MyCreds = credentials.GetCredential(request.RequestUri, "Basic"); if (PreAuthenticate(request, credentials) == null) Console.WriteLine(" Pre-authentication is not allowed."); else Console.WriteLine(" Pre-authentication is allowed."); // Verify that the challenge satisfies the authorization requirements. bool challengeOk = checkChallenge(challenge, MyCreds.Domain); if (!challengeOk) return null; // Create the encrypted string according to the Basic authentication format as // follows: // a)Concatenate the username and password separated by colon; // b)Apply ASCII encoding to obtain a stream of bytes; // c)Apply Base64 encoding to this array of bytes to obtain the encoded // authorization. string BasicEncrypt = MyCreds.UserName + ":" + MyCreds.Password; string BasicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt)); //Basic 认证 Authorization resourceAuthorization = new Authorization(BasicToken); // Get the Message property, which contains the authorization string that the // client returns to the server when accessing protected resources. Console.WriteLine(" Authorization Message:{0}", resourceAuthorization.Message); // Get the Complete property, which is set to true when the authentication process // between the client and the server is finished. Console.WriteLine(" Authorization Complete:{0}", resourceAuthorization.Complete); Console.WriteLine(" Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId); return resourceAuthorization; } }
上面的代码摘抄自:https://msdn.microsoft.com/zh-cn/library/system.net.authenticationmanager%28v=vs.100%29.aspx?f=255&MSPPError=-2147217396
IAuthenticationModule:为 Web 客户端身份验证模块提供基身份验证接口。
在web.config 中的设置,当使用window验证时,可以设置自己的验证方式。当IIS不选择匿名验证时,使用的也是window集成验证。
<system.web>
<compilation debug="true">
</compilation>
<!--
通过 <authentication> 节,可配置
ASP.NET 用于识别进入用户的
安全身份验证模式。
-->
<authentication mode="Windows" />
<!--
通过 <customErrors> 节,可以配置
在执行请求的过程中出现未处理的错误时要执行
的操作。具体而言,
开发人员通过该节可配置要显示的 html 错误页,
以代替错误堆栈跟踪。
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
<system.net>
<authenticationModules>
<add type="xxx"/>
</authenticationModules>
</system.net>
认证类:
BasicClient:Basic 认证
DigestClient:摘要认证
KerberosClient:Kerberos 认证
NegotiateClient:Negotiate 认证
NtlmClient:Ntlm 认证
认证的几种方式参考:http://blog.csdn.net/leafqing04/article/details/6434418
有什么不对的地方,麻烦指点一下,谢谢!