Basically I need to serve files from a location that requires windows authentication. Instead of having my client's deal with it directly, I would like to implement a process so that they can simply download the files as if they were on my server, after they have logged in to my system, of course. Here is what I have so far, which doesn't seem to work correctly:
基本上我需要从需要Windows身份验证的位置提供文件。我没有让我的客户直接处理它,而是希望实现一个流程,这样他们就可以在登录到我的系统后,就像在我的服务器上一样下载文件,当然。这是我到目前为止,似乎没有正常工作:
// Create the request
WebRequest request = HttpWebRequest.Create(button.CommandArgument);
request.Credentials = new NetworkCredential(_username,_password);
// Get the response
WebResponse response = request.GetResponse();
StreamReader responseStream = new StreamReader( response.GetResponseStream());
// Send the response directly to output
Response.ContentEncoding = responseStream.CurrentEncoding;
Response.ContentType = request.ContentType;
Response.Write(responseStream.ReadToEnd());
Response.End();
When I try this I am able to view the file, but something is wrong with the encoding or the content type and, for example, a PDF will contain 16 blank pages (Instead of 16 pages of text).
当我尝试这个时,我能够查看文件,但编码或内容类型有问题,例如,PDF将包含16个空白页(而不是16页文本)。
Any idea what am I missing?
知道我错过了什么吗?
Feel free to change the title of this question if there is a better way of phrasing this question
如果有更好的方法来表达这个问题,请随意更改此问题的标题
Update: Tried the two responses below but with no luck. I now think that the content type and encoding are OK, but maybe the authentication is failing? The content-length is a lot smaller than it actually should be... Am I using the wrong method for Windows Authentication?
更新:尝试了以下两个回复,但没有运气。我现在认为内容类型和编码都没问题,但是认证可能失败了吗?内容长度比实际应该小得多......我使用错误的方法进行Windows身份验证吗?
3 个解决方案
#1
Depending on how/what you have. I would do a few things.
取决于您拥有的方式/内容。我会做一些事情。
Response.Clear() first of all to remove anything that might have been rendered.
Response.Clear()首先删除任何可能已呈现的内容。
I would then add a header, with content-disposition set and send it down as an actual attachment, rather than just writing it to the user.
然后我会添加一个标题,设置内容处理并将其作为实际附件发送,而不是仅仅将其写入用户。
#2
It looks like you're sending the wrong content type in your last code block. You're sending the type of the user's original request instead of the content type of the file that you've retrieved. Change this:
看起来您在最后一个代码块中发送了错误的内容类型。您正在发送用户原始请求的类型,而不是您检索到的文件的内容类型。改变这个:
Response.ContentType = request.ContentType;
to:
Response.ContentType = response.ContentType;
#3
If your problem is related to network credentials, you may want to try a different approach. If you grant HTTP access to the identity that the web site's application pool is using, you can avoid having to specify the username/password credentials in the request. This also gives you the added benefit of not needing to store the password somewhere.
如果您的问题与网络凭据有关,则可能需要尝试其他方法。如果您授予对网站应用程序池正在使用的标识的HTTP访问权限,则可以避免在请求中指定用户名/密码凭据。这也为您提供了无需在某处存储密码的额外好处。
#1
Depending on how/what you have. I would do a few things.
取决于您拥有的方式/内容。我会做一些事情。
Response.Clear() first of all to remove anything that might have been rendered.
Response.Clear()首先删除任何可能已呈现的内容。
I would then add a header, with content-disposition set and send it down as an actual attachment, rather than just writing it to the user.
然后我会添加一个标题,设置内容处理并将其作为实际附件发送,而不是仅仅将其写入用户。
#2
It looks like you're sending the wrong content type in your last code block. You're sending the type of the user's original request instead of the content type of the file that you've retrieved. Change this:
看起来您在最后一个代码块中发送了错误的内容类型。您正在发送用户原始请求的类型,而不是您检索到的文件的内容类型。改变这个:
Response.ContentType = request.ContentType;
to:
Response.ContentType = response.ContentType;
#3
If your problem is related to network credentials, you may want to try a different approach. If you grant HTTP access to the identity that the web site's application pool is using, you can avoid having to specify the username/password credentials in the request. This also gives you the added benefit of not needing to store the password somewhere.
如果您的问题与网络凭据有关,则可能需要尝试其他方法。如果您授予对网站应用程序池正在使用的标识的HTTP访问权限,则可以避免在请求中指定用户名/密码凭据。这也为您提供了无需在某处存储密码的额外好处。