System.Net网络编程--AuthenticationManager和IAuthenticationModule

时间:2021-01-03 16:07:39

AuthenticationManager——管理客户端身份验证过程中调用的身份验证模块。

public class Demo1
{
private static string username, password, domain, uri; // This method invoked when the user does not enter the required input parameters.
private static void showusage()
{
Console.WriteLine("Attempts to authenticate to a URL");
Console.WriteLine("\r\nUse one of the following:");
Console.WriteLine("\tcustomBasicAuthentication URL username password domain");
Console.WriteLine("\tcustomBasicAuthentication URL username password");
} // Display registered authentication modules.
private static void displayRegisteredModules()
{
// The AuthenticationManager calls all authentication modules sequentially
// until one of them responds with an authorization instance. Show
// the current registered modules.
IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
Console.WriteLine("\r\nThe following authentication modules are now registered with the system:");
while (registeredModules.MoveNext())
{
Console.WriteLine("\r \n Module : {0}", registeredModules.Current);
IAuthenticationModule currentAuthenticationModule = (IAuthenticationModule)registeredModules.Current;
Console.WriteLine("\t CanPreAuthenticate : {0}", currentAuthenticationModule.CanPreAuthenticate);
}
} private static void getPage(String url)
{
try
{
// 创建对象
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
req.Method = "GET";
if (domain == String.Empty)
{
req.Credentials = new NetworkCredential(username, password);
}
else
{
req.Credentials = new NetworkCredential(username, password, domain);
}
HttpWebResponse result = (HttpWebResponse)req.GetResponse();
Console.WriteLine("\nAuthentication Succeeded:");
Stream sData = result.GetResponseStream();
displayPageContent(sData);
}
catch (WebException e)
{
// Display any errors. In particular, display any protocol-related error.
if (e.Status == WebExceptionStatus.ProtocolError)
{
HttpWebResponse hresp = (HttpWebResponse)e.Response;
Console.WriteLine("\nAuthentication Failed, " + hresp.StatusCode);
Console.WriteLine("Status Code: " + (int)hresp.StatusCode);
Console.WriteLine("Status Description: " + hresp.StatusDescription);
return;
}
Console.WriteLine("Caught Exception: " + e.Message);
Console.WriteLine("Stack: " + e.StackTrace);
}
}
private static void displayPageContent(Stream ReceiveStream)
{
// 设置编码
Encoding ASCII = Encoding.ASCII;
Byte[] read = new Byte[]; Console.WriteLine("\r\nPage Content...\r\n");
//输出
int bytes = ReceiveStream.Read(read, , );
while (bytes > )
{
Console.Write(ASCII.GetString(read, , bytes));
bytes = ReceiveStream.Read(read, , );
}
Console.WriteLine("");
}
public static void Main(string[] args)
{ if (args.Length < )
showusage();
else
{ // Read the user's credentials.
uri = args[];
username = args[];
password = args[]; if (args.Length == )
domain = string.Empty;
else
domain = args[]; // Instantiate the custom Basic authentication module.
CustomBasic customBasicModule = new CustomBasic(); // Unregister the standard Basic authentication module.
AuthenticationManager.Unregister("Basic"); // Register the custom Basic authentication module.
AuthenticationManager.Register(customBasicModule); // Display registered authorization modules.
displayRegisteredModules(); // Read the specified page and display it on the console.
getPage(uri);
}
return;
} private void Test()
{ WindowsAuthenticationModule tt = new WindowsAuthenticationModule();
}
} // The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method. /// <summary>
/// 认证模块
/// </summary>
public class CustomBasic : IAuthenticationModule
{ private string m_authenticationType;
private bool m_canPreAuthenticate; // The CustomBasic constructor initializes the properties of the customized
// authentication.
public CustomBasic()
{
m_authenticationType = "Basic";
m_canPreAuthenticate = false;
} // Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
public string AuthenticationType
{
get
{
return m_authenticationType;
}
} // Define the pre-authentication capabilities for the module. The default is set
// to false.
public bool CanPreAuthenticate
{
get
{
return m_canPreAuthenticate;
}
} // The checkChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// domain name is equal to DOMAINNAME.
//校验规则和域名
public bool checkChallenge(string Challenge, string domain)
{
bool challengePasses = false; String tempChallenge = Challenge.ToUpper(); // Verify that this is a Basic authorization request and that the requested domain
// is correct.
// Note: When the domain is an empty string, the following code only checks
// whether the authorization type is Basic. if (tempChallenge.IndexOf("BASIC") != -)
if (domain != String.Empty)
if (tempChallenge.IndexOf(domain.ToUpper()) != -)
challengePasses = true;
else
// The domain is not allowed and the authorization type is Basic.
challengePasses = false;
else
// The domain is a blank string and the authorization type is Basic.
challengePasses = true; return challengePasses;
} // The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns null.
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
} // Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII; // Get the username and password from the credentials
NetworkCredential MyCreds = credentials.GetCredential(request.RequestUri, "Basic"); if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed."); // Verify that the challenge satisfies the authorization requirements.
bool challengeOk = checkChallenge(challenge, MyCreds.Domain); if (!challengeOk)
return null; // Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string BasicEncrypt = MyCreds.UserName + ":" + MyCreds.Password; string BasicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt));
//Basic 认证
Authorization resourceAuthorization = new Authorization(BasicToken); // Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}", resourceAuthorization.Message); // Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}", resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
}

上面的代码摘抄自:https://msdn.microsoft.com/zh-cn/library/system.net.authenticationmanager%28v=vs.100%29.aspx?f=255&MSPPError=-2147217396

IAuthenticationModule:为 Web 客户端身份验证模块提供基身份验证接口。

在web.config 中的设置,当使用window验证时,可以设置自己的验证方式。当IIS不选择匿名验证时,使用的也是window集成验证。

  <system.web>
<compilation debug="true"> </compilation>
<!--
通过 <authentication> 节,可配置
ASP.NET 用于识别进入用户的
安全身份验证模式。
-->
<authentication mode="Windows" />
<!--
通过 <customErrors> 节,可以配置
在执行请求的过程中出现未处理的错误时要执行
的操作。具体而言,
开发人员通过该节可配置要显示的 html 错误页,
以代替错误堆栈跟踪。 <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="" redirect="NoAccess.htm" />
<error statusCode="" redirect="FileNotFound.htm" />
</customErrors>
--> </system.web>
<system.net>
<authenticationModules>
<add type="xxx"/>
</authenticationModules>
</system.net>

  System.Net网络编程--AuthenticationManager和IAuthenticationModule

认证类:

BasicClientBasic 认证
DigestClient:摘要认证
KerberosClient:Kerberos 认证
NegotiateClient:Negotiate 认证
 NtlmClient:Ntlm 认证


认证的几种方式参考:http://blog.csdn.net/leafqing04/article/details/6434418
 
有什么不对的地方,麻烦指点一下,谢谢!