System.Net网络编程--AuthenticationManager和IAuthenticationModule

AuthenticationManager——管理客户端身份验证过程中调用的身份验证模块。

public class Demo1
{
private static string username, password, domain, uri;

// This method invoked when the user does not enter the required input parameters.
private static void showusage()
{
Console.WriteLine("Attempts to authenticate to a URL");
Console.WriteLine("\r\nUse one of the following:");
Console.WriteLine("\tcustomBasicAuthentication URL username password domain");
Console.WriteLine("\tcustomBasicAuthentication URL username password");
}

// Display registered authentication modules.
private static void displayRegisteredModules()
{
// The AuthenticationManager calls all authentication modules sequentially
// until one of them responds with an authorization instance.  Show
// the current registered modules.
IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
Console.WriteLine("\r\nThe following authentication modules are now registered with the system:");
while (registeredModules.MoveNext())
{
Console.WriteLine("\r \n Module : {0}", registeredModules.Current);
IAuthenticationModule currentAuthenticationModule = (IAuthenticationModule)registeredModules.Current;
Console.WriteLine("\t  CanPreAuthenticate : {0}", currentAuthenticationModule.CanPreAuthenticate);
}
}

private static void getPage(String url)
{
try
{
// 创建对象
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
req.Method = "GET";
if (domain == String.Empty)
{
req.Credentials = new NetworkCredential(username, password);
}
else
{
req.Credentials = new NetworkCredential(username, password, domain);
}
HttpWebResponse result = (HttpWebResponse)req.GetResponse();
Console.WriteLine("\nAuthentication Succeeded:");
Stream sData = result.GetResponseStream();
displayPageContent(sData);
}
catch (WebException e)
{
// Display any errors. In particular, display any protocol-related error.
if (e.Status == WebExceptionStatus.ProtocolError)
{
HttpWebResponse hresp = (HttpWebResponse)e.Response;
Console.WriteLine("\nAuthentication Failed, " + hresp.StatusCode);
Console.WriteLine("Status Code: " + (int)hresp.StatusCode);
Console.WriteLine("Status Description: " + hresp.StatusDescription);
return;
}
Console.WriteLine("Caught Exception: " + e.Message);
Console.WriteLine("Stack: " + e.StackTrace);
}
}
private static void displayPageContent(Stream ReceiveStream)
{
// 设置编码
Encoding ASCII = Encoding.ASCII;
Byte[] read = new Byte[512];

Console.WriteLine("\r\nPage Content...\r\n");
//输出
int bytes = ReceiveStream.Read(read, 0, 512);
while (bytes > 0)
{
Console.Write(ASCII.GetString(read, 0, bytes));
bytes = ReceiveStream.Read(read, 0, 512);
}
Console.WriteLine("");
}
public static void Main(string[] args)
{

if (args.Length < 3)
showusage();
else
{

// Read the user's credentials.
uri = args[0];
username = args[1];
password = args[2];

if (args.Length == 3)
domain = string.Empty;
else
domain = args[3];

// Instantiate the custom Basic authentication module.
CustomBasic customBasicModule = new CustomBasic();

// Unregister the standard Basic authentication module.
AuthenticationManager.Unregister("Basic");

// Register the custom Basic authentication module.
AuthenticationManager.Register(customBasicModule);

// Display registered authorization modules.
displayRegisteredModules();

// Read the specified page and display it on the console.
getPage(uri);
}
return;
}

private void Test()
{

WindowsAuthenticationModule tt = new WindowsAuthenticationModule();
}
}

// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.

/// <summary>
/// 认证模块
/// </summary>
public class CustomBasic : IAuthenticationModule
{

private string m_authenticationType;
private bool m_canPreAuthenticate;

// The CustomBasic constructor initializes the properties of the customized
// authentication.
public CustomBasic()
{
m_authenticationType = "Basic";
m_canPreAuthenticate = false;
}

// Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
public string AuthenticationType
{
get
{
return m_authenticationType;
}
}

// Define the pre-authentication capabilities for the module. The default is set
// to false.
public bool CanPreAuthenticate
{
get
{
return m_canPreAuthenticate;
}
}

// The checkChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// domain name is equal to DOMAINNAME.
//校验规则和域名
public bool checkChallenge(string Challenge, string domain)
{
bool challengePasses = false;

String tempChallenge = Challenge.ToUpper();

// Verify that this is a Basic authorization request and that the requested domain
// is correct.
// Note: When the domain is an empty string, the following code only checks
// whether the authorization type is Basic.

if (tempChallenge.IndexOf("BASIC") != -1)
if (domain != String.Empty)
if (tempChallenge.IndexOf(domain.ToUpper()) != -1)
challengePasses = true;
else
// The domain is not allowed and the authorization type is Basic.
challengePasses = false;
else
// The domain is a blank string and the authorization type is Basic.
challengePasses = true;

return challengePasses;
}

// The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns null.
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
}

// Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII;

// Get the username and password from the credentials
NetworkCredential MyCreds = credentials.GetCredential(request.RequestUri, "Basic");

if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed.");

// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = checkChallenge(challenge, MyCreds.Domain);

if (!challengeOk)
return null;

// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string BasicEncrypt = MyCreds.UserName + ":" + MyCreds.Password;

string BasicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt));
//Basic 认证
Authorization resourceAuthorization = new Authorization(BasicToken);

// Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}", resourceAuthorization.Message);

// Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}", resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
}

上面的代码摘抄自：https://msdn.microsoft.com/zh-cn/library/system.net.authenticationmanager%28v=vs.100%29.aspx?f=255&MSPPError=-2147217396

IAuthenticationModule：为 Web 客户端身份验证模块提供基身份验证接口。

在web.config 中的设置，当使用window验证时，可以设置自己的验证方式。当IIS不选择匿名验证时，使用的也是window集成验证。

<system.web>
<compilation debug="true">

</compilation>
<!--
通过 <authentication> 节，可配置
ASP.NET 用于识别进入用户的
安全身份验证模式。
-->
<authentication mode="Windows" />
<!--
通过 <customErrors> 节，可以配置
在执行请求的过程中出现未处理的错误时要执行
的操作。具体而言，
开发人员通过该节可配置要显示的 html 错误页，
以代替错误堆栈跟踪。

<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->

</system.web>
<system.net>
<authenticationModules>
<add type="xxx"/>
</authenticationModules>
</system.net>

　　


认证类：

BasicClient：Basic 认证

DigestClient：摘要认证

KerberosClient：Kerberos 认证

NegotiateClient：Negotiate 认证

NtlmClient：Ntlm 认证

认证的几种方式参考：http://blog.csdn.net/leafqing04/article/details/6434418

有什么不对的地方，麻烦指点一下，谢谢！