Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Existen diversos escenarios en los que nos es útil saber qué método de autenticación está utilizando nuestra aplicación web y con qué credenciales se está ejecutando nuestro código. Para poder determinarlo de forma rápida he desarrollado una página ASP.NET que hace estas comprobaciones y muestra el resultado en pantalla.
Este es el código de la página ASPX:
<%@ Page Language="C#" Debug="true" %>
<%@ Import Namespace="System.Threading" %>
<%@ Import Namespace="System.Security.Principal" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
public string AuthType, AuthPackage, WindowsID, HttpContextID, ThreadID;
private AuthTypeEnum _authType;
internal enum AuthTypeEnum
{
Anonymous,
Negotiate,
NTLM,
Other
}
protected void Page_Load(object sender, EventArgs e)
{
_authType = AuthTypeEnum.Other;
GetIdentities();
Response.Headers.Add("Connection", "Close");
}
private void GetIdentities()
{
AuthType = GetAuthType();
AuthPackage = GetAuthPackage();
WindowsID = GetWindowsID();
HttpContextID = GetHttpContextID();
ThreadID = GetThreadID();
}
private string GetAuthType()
{
if (Context.User.Identity.AuthenticationType != String.Empty)
{
_authType = AuthTypeEnum.Negotiate;
return Context.User.Identity.AuthenticationType;
}
else if (!Context.User.Identity.IsAuthenticated)
{
_authType = AuthTypeEnum.Anonymous;
return "Not Authenticated (Anonymous)";
}
else
return "-";
}
private string GetAuthPackage()
{
if (_authType != AuthTypeEnum.Anonymous &&
Context.Request.ServerVariables["HTTP_AUTHORIZATION"] != null)
{
string authHeader =
Context.Request.ServerVariables["HTTP_AUTHORIZATION"];
if (authHeader.StartsWith("Negotiate TlRMTVNTUA"))
return "Kerberos";
else
return "NTLM";
}
else
return "-";
}
private string GetWindowsID()
{
if (WindowsIdentity.GetCurrent().Name != String.Empty)
return WindowsIdentity.GetCurrent().Name;
else
return "-";
}
private string GetHttpContextID()
{
if (HttpContext.Current.User.Identity.Name != String.Empty)
return HttpContext.Current.User.Identity.Name;
else
return "-";
}
private string GetThreadID()
{
if (Thread.CurrentPrincipal.Identity.Name != String.Empty)
return Thread.CurrentPrincipal.Identity.Name;
else
return "-";
}
</script>
<html xmlns="https://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>ASP.NET Identity Test</title>
<style type="text/css">
.style_div
{
font-family: "Consolas";
font-size: 22px;
}
.left
{
font-weight: bold;
width: 300px;
}
.right
{
color: #FF0000;
}
</style>
</head>
<body>
<form id="form1" runat="server">
<div class="style_div">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="left">
Authentication Type:
</td>
<td class="right">
<% Response.Write(AuthType); %>
</td>
</tr>
<tr>
<td class="left">
Authentication Package:
</td>
<td class="right">
<% Response.Write(AuthPackage); %>
</td>
</tr>
<tr>
<td class="left">
Windows Identity:
</td>
<td class="right">
<% Response.Write(WindowsID); %>
</td>
</tr>
<tr>
<td class="left">
HttpContext Identity:
</td>
<td class="right">
<% Response.Write(HttpContextID); %>
</td>
</tr>
<tr>
<td class="left">
Thread Identity:
</td>
<td class="right">
<% Response.Write(ThreadID); %>
</td>
</tr>
</table>
</div>
</form>
</body>
</html>
Espero que os sea de utilidad.
- Daniel Mossberg