IAuthenticationModule 接口
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
为 Web 客户端身份验证模块提供基本身份验证接口。
public interface class IAuthenticationModulepublic interface IAuthenticationModuletype IAuthenticationModule = interfacePublic Interface IAuthenticationModule示例
以下示例通过实现 IAuthenticationModule 接口创建自定义身份验证类。 有关完整示例, AuthenticationManager 请参阅 类。
// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.
public class CustomBasic : IAuthenticationModule
{
// Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
public string AuthenticationType { get; } = "Basic";
// Define the pre-authentication capabilities for the module. The default is set
// to false.
public bool CanPreAuthenticate { get; }
// The CheckChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct ___domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// ___domain name is equal to DOMAINNAME.
public bool CheckChallenge(string challenge, string ___domain)
{
bool challengePasses = false;
String tempChallenge = challenge.ToUpper();
// Verify that this is a Basic authorization request and that the requested ___domain
// is correct.
// Note: When the ___domain is an empty string, the following code only checks
// whether the authorization type is Basic.
if (tempChallenge.IndexOf("BASIC") != -1)
if (!string.IsNullOrEmpty(___domain))
if (tempChallenge.IndexOf(___domain.ToUpper()) != -1)
challengePasses = true;
else
// The ___domain is not allowed and the authorization type is Basic.
challengePasses = false;
else
// The ___domain is a blank string and the authorization type is Basic.
challengePasses = true;
return challengePasses;
}
// The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns null.
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
}
// Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII;
// Get the username and password from the credentials
NetworkCredential myCreds = credentials.GetCredential(request.RequestUri, "Basic");
if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed.");
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = CheckChallenge(challenge, myCreds.Domain);
if (!challengeOk)
return null;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string basicEncrypt = myCreds.UserName + ":" + myCreds.Password;
string basicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(basicEncrypt));
// Create an Authorization object using the encoded authorization above.
Authorization resourceAuthorization = new Authorization(basicToken);
// Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);
// Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
}
' The CustomBasic class creates a custom Basic authentication by implementing the
' IAuthenticationModule interface. It performs the following
' tasks:
' 1) Defines and initializes the required properties.
' 2) Implements the Authenticate and PreAuthenticate methods.
Public Class CustomBasic
Implements IAuthenticationModule
Private m_authenticationType As String
Private m_canPreAuthenticate As Boolean
' The CustomBasic constructor initializes the properties of the customized
' authentication.
Public Sub New()
m_authenticationType = "Basic"
m_canPreAuthenticate = False
End Sub
' Define the authentication type. This type is then used to identify this
' custom authentication module. The default is set to Basic.
Public ReadOnly Property AuthenticationType() As String _
Implements IAuthenticationModule.AuthenticationType
Get
Return m_authenticationType
End Get
End Property
' Define the pre-authentication capabilities for the module. The default is set
' to false.
Public ReadOnly Property CanPreAuthenticate() As Boolean _
Implements IAuthenticationModule.CanPreAuthenticate
Get
Return m_canPreAuthenticate
End Get
End Property
' The checkChallenge method checks whether the challenge sent by the HttpWebRequest
' contains the correct type (Basic) and the correct ___domain name.
' Note: The challenge is in the form BASIC REALM="DOMAINNAME";
' the Internet Web site must reside on a server whose
' ___domain name is equal to DOMAINNAME.
Public Function checkChallenge(ByVal Challenge As String, ByVal ___domain As String) As Boolean
Dim challengePasses As Boolean = False
Dim tempChallenge As [String] = Challenge.ToUpper()
' Verify that this is a Basic authorization request and that the requested ___domain
' is correct.
' Note: When the ___domain is an empty string, the following code only checks
' whether the authorization type is Basic.
If tempChallenge.IndexOf("BASIC") <> -1 Then
If ___domain <> [String].Empty Then
If tempChallenge.IndexOf(___domain.ToUpper()) <> -1 Then
challengePasses = True
' The ___domain is not allowed and the authorization type is Basic.
Else
challengePasses = False
End If
' The ___domain is a blank string and the authorization type is Basic.
Else
challengePasses = True
End If
End If
Return challengePasses
End Function 'checkChallenge
' The PreAuthenticate method specifies whether the authentication implemented
' by this class allows pre-authentication.
' Even if you do not use it, this method must be implemented to obey to the rules
' of interface implementation.
' In this case it always returns null.
Public Function PreAuthenticate(ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.PreAuthenticate
Return Nothing
End Function 'PreAuthenticate
' Authenticate is the core method for this custom authentication.
' When an Internet resource requests authentication, the WebRequest.GetResponse
' method calls the AuthenticationManager.Authenticate method. This method, in
' turn, calls the Authenticate method on each of the registered authentication
' modules, in the order in which they were registered. When the authentication is
' complete an Authorization object is returned to the WebRequest.
Public Function Authenticate(ByVal challenge As String, ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.Authenticate
Dim ASCII As Encoding = Encoding.ASCII
' Get the username and password from the credentials
Dim MyCreds As NetworkCredential = credentials.GetCredential(request.RequestUri, "Basic")
If PreAuthenticate(request, credentials) Is Nothing Then
Console.WriteLine(ControlChars.Lf + " Pre-authentication is not allowed.")
Else
Console.WriteLine(ControlChars.Lf + " Pre-authentication is allowed.")
End If
' Verify that the challenge satisfies the authorization requirements.
Dim challengeOk As Boolean = checkChallenge(challenge, MyCreds.Domain)
If Not challengeOk Then
Return Nothing
End If
' Create the encrypted string according to the Basic authentication format as
' follows:
' a)Concatenate the username and password separated by colon;
' b)Apply ASCII encoding to obtain a stream of bytes;
' c)Apply Base64 encoding to this array of bytes to obtain the encoded
' authorization.
Dim BasicEncrypt As String = MyCreds.UserName + ":" + MyCreds.Password
Dim BasicToken As String = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))
' Create an Authorization object using the encoded authorization above.
Dim resourceAuthorization As New Authorization(BasicToken)
' Get the Message property, which contains the authorization string that the
' client returns to the server when accessing protected resources.
Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}", resourceAuthorization.Message)
' Get the Complete property, which is set to true when the authentication process
' between the client and the server is finished.
Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}", resourceAuthorization.Complete)
Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId)
Return resourceAuthorization
End Function 'Authenticate
End Class
注解
接口 IAuthenticationModule 定义自定义身份验证模块必须使用的属性和方法。
身份验证模块对服务器执行整个身份验证过程,并根据需要响应身份验证质询。 此过程可能包括对独立于资源服务器的身份验证服务器的请求,以及正确验证 URI 请求所需的任何其他活动。
自定义身份验证模块应实现 接口, IAuthenticationModule 然后使用 方法注册 AuthenticationManager.Register 。 身份验证模块也通过读取配置文件在程序初始化时注册。
属性
| AuthenticationType |
获取此身份验证模块提供的身份验证类型。 |
| CanPreAuthenticate |
获取一个值,该值指示身份验证模块是否支持预身份验证。 |
方法
| Authenticate(String, WebRequest, ICredentials) |
返回 Authorization 类的实例来响应来自服务器的身份验证要求。 |
| PreAuthenticate(WebRequest, ICredentials) |
为对服务器的的身份验证请求返回 Authorization 类的一个实例。 |
