IntranetZoneCredentialPolicy.ShouldSendCredential Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Returns a Boolean that indicates whether the client's credentials are sent with a request for a resource that was made using WebRequest.
public:
virtual bool ShouldSendCredential(Uri ^ challengeUri, System::Net::WebRequest ^ request, System::Net::NetworkCredential ^ credential, System::Net::IAuthenticationModule ^ authModule);
public virtual bool ShouldSendCredential (Uri challengeUri, System.Net.WebRequest request, System.Net.NetworkCredential credential, System.Net.IAuthenticationModule authModule);
abstract member ShouldSendCredential : Uri * System.Net.WebRequest * System.Net.NetworkCredential * System.Net.IAuthenticationModule -> bool
override this.ShouldSendCredential : Uri * System.Net.WebRequest * System.Net.NetworkCredential * System.Net.IAuthenticationModule -> bool
Public Overridable Function ShouldSendCredential (challengeUri As Uri, request As WebRequest, credential As NetworkCredential, authModule As IAuthenticationModule) As Boolean
Parameters
- request
- WebRequest
The WebRequest that represents the resource being requested.
- credential
- NetworkCredential
The NetworkCredential that will be sent with the request if this method returns true
.
- authModule
- IAuthenticationModule
The IAuthenticationModule that will conduct the authentication, if authentication is required.
Returns
true
if the requested resource is in the same domain as the client making the request; otherwise, false
.
Implements
Examples
The following code example demonstrates deriving from IntranetZoneCredentialPolicy to allow credentials to be sent for requests that use Secure Hypertext Transfer Protocol (HTTPS) with basic authentication. Using HTTPS and basic authentication, the user password is encrypted before being sent over the network.
// The following class allows credentials to be sent if they are for requests for resources
// in the same domain, or if the request uses the HTTPSscheme and basic authentication is
// required.
public ref class HttpsBasicCredentialPolicy: public IntranetZoneCredentialPolicy
{
public:
HttpsBasicCredentialPolicy(){}
virtual bool ShouldSendCredential( Uri^ challengeUri, WebRequest^ request, NetworkCredential^ credential, IAuthenticationModule^ authModule ) override
{
Console::WriteLine( L"Checking custom credential policy for HTTPS and basic." );
bool answer = IntranetZoneCredentialPolicy::ShouldSendCredential( challengeUri, request, credential, authModule );
if ( answer == true )
{
Console::WriteLine( L"Sending credential for intranet resource." );
return answer;
}
// Determine whether the base implementation returned false for basic and HTTPS.
if ( request->RequestUri->Scheme == Uri::UriSchemeHttps && authModule->AuthenticationType->Equals( L"Basic" ) )
{
Console::WriteLine( L"Sending credential for HTTPS and basic." );
return true;
}
return false;
}
};
// The following class allows credentials to be sent if they are for requests for resources
// in the same domain, or if the request uses the HTTPSscheme and basic authentication is
// required.
public class HttpsBasicCredentialPolicy: IntranetZoneCredentialPolicy
{
public HttpsBasicCredentialPolicy()
{
}
public override bool ShouldSendCredential(Uri challengeUri,
WebRequest request,
NetworkCredential credential,
IAuthenticationModule authModule)
{
Console.WriteLine("Checking custom credential policy for HTTPS and basic.");
bool answer = base.ShouldSendCredential(challengeUri, request, credential, authModule);
if (answer == true)
{
Console.WriteLine("Sending credential for intranet resource.");
return answer;
}
// Determine whether the base implementation returned false for basic and HTTPS.
if (request.RequestUri.Scheme == Uri.UriSchemeHttps &&
authModule.AuthenticationType == "Basic")
{
Console.WriteLine("Sending credential for HTTPS and basic.");
return true;
}
return false;
}
}
Remarks
Applications do not call this method directly; it is called by the IAuthenticationModule that is responsible for performing authentication with the server. If this method returns false
, the IAuthenticationModule will not authenticate the client to the server.
This method is called only for requests that specify credentials or use a WebProxy object that specifies credentials.