IAuthenticationModule 인터페이스
정의
중요
일부 정보는 릴리스되기 전에 상당 부분 수정될 수 있는 시험판 제품과 관련이 있습니다. Microsoft는 여기에 제공된 정보에 대해 어떠한 명시적이거나 묵시적인 보증도 하지 않습니다.
웹 클라이언트 인증 모듈에 기본 인증 인터페이스를 제공합니다.
public interface class IAuthenticationModule
public interface IAuthenticationModule
type IAuthenticationModule = interface
Public Interface IAuthenticationModule
예제
다음 예제에서는 인터페이스를 구현하여 사용자 지정된 인증 클래스를 IAuthenticationModule 만듭니다. 전체 예제는 클래스를 참조하세요 AuthenticationManager .
// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. In particular it performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Impements the Authenticate method.
public ref class CustomBasic: public IAuthenticationModule
{
private:
String^ m_authenticationType;
bool m_canPreAuthenticate;
public:
// The CustomBasic constructor initializes the properties of the customized
// authentication.
CustomBasic()
{
m_authenticationType = "Basic";
m_canPreAuthenticate = false;
}
property String^ AuthenticationType
{
// Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
virtual String^ get()
{
return m_authenticationType;
}
}
property bool CanPreAuthenticate
{
// Define the pre-authentication capabilities for the module. The default is set
// to false.
virtual bool get()
{
return m_canPreAuthenticate;
}
}
// The checkChallenge method checks if the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct domain name.
// Note: the challenge is in the form BASIC REALM=S"DOMAINNAME"
// and you must assure that the Internet Web site resides on a server whose
// domain name is equal to DOMAINAME.
bool checkChallenge( String^ Challenge, String^ domain )
{
bool challengePasses = false;
String^ tempChallenge = Challenge->ToUpper();
// Verify that this is a Basic authorization request and the requested domain
// is correct.
// Note: When the domain is an empty string the following code only checks
// whether the authorization type is Basic.
if ( tempChallenge->IndexOf( "BASIC" ) != -1 )
if ( String::Compare( domain, String::Empty ) != 0 )
if ( tempChallenge->IndexOf( domain->ToUpper() ) != -1 )
challengePasses = true; // The domain is not allowed and the authorization type is Basic.
else
challengePasses = false;
else
challengePasses = true;
return challengePasses;
}
// The PreAuthenticate method specifies if the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implemebtation.
// In this case it always returns null.
virtual Authorization^ PreAuthenticate( WebRequest^ request, ICredentials^ credentials )
{
return nullptr;
}
// Authenticate is the core method for this custom authentication.
// When an internet resource requests authentication, the WebRequest::GetResponse
// method calls the AuthenticationManager::Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest, as
// shown by this routine's retun type.
virtual Authorization^ Authenticate( String^ challenge, WebRequest^ request, ICredentials^ credentials )
{
Encoding^ ASCII = Encoding::ASCII;
// Get the username and password from the credentials
NetworkCredential^ MyCreds = credentials->GetCredential( request->RequestUri, "Basic" );
if ( PreAuthenticate( request, credentials ) == nullptr )
Console::WriteLine( "\n Pre-authentication is not allowed." );
else
Console::WriteLine( "\n Pre-authentication is allowed." );
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = checkChallenge( challenge, MyCreds->Domain );
if ( !challengeOk )
return nullptr;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 Encoding to this array of bytes to obtain the encoded
// authorization.
String^ BasicEncrypt = String::Concat( MyCreds->UserName, ":", MyCreds->Password );
String^ BasicToken = String::Concat( "Basic ", Convert::ToBase64String( ASCII->GetBytes( BasicEncrypt ) ) );
// Create an Authorization object using the above encoded authorization.
Authorization^ resourceAuthorization = gcnew Authorization( BasicToken );
// Get the Message property which contains the authorization string that the
// client returns to the server when accessing protected resources
Console::WriteLine( "\n Authorization Message: {0}", resourceAuthorization->Message );
// Get the Complete property which is set to true when the authentication process
// between the client and the server is finished.
Console::WriteLine( "\n Authorization Complete: {0}", resourceAuthorization->Complete );
Console::WriteLine( "\n Authorization ConnectionGroupId: {0}", resourceAuthorization->ConnectionGroupId );
return resourceAuthorization;
}
};
// This is the program entry point. It allows the user to enter
// her credentials and the Internet resource (Web page) to access.
// It also unregisters the standard and registers the customized basic
// authentication.
int main()
{
array<String^>^args = Environment::GetCommandLineArgs();
if ( args->Length < 4 )
TestAuthentication::showusage();
else
{
// Read the user's credentials.
TestAuthentication::uri = args[ 1 ];
TestAuthentication::username = args[ 2 ];
TestAuthentication::password = args[ 3 ];
if ( args->Length == 4 )
TestAuthentication::domain = String::Empty; // If the domain exists, store it. Usually the domain name
else
TestAuthentication::domain = args[ 4 ];
// is by default the name of the server hosting the Internet
// resource.
// Instantiate the custom Basic authentication module.
CustomBasic^ customBasicModule = gcnew CustomBasic;
// Unregister the standard Basic authentication module.
AuthenticationManager::Unregister( "Basic" );
// Register the custom Basic authentication module.
AuthenticationManager::Register( customBasicModule );
// Display registered Authorization modules.
TestAuthentication::displayRegisteredModules();
// Read the specified page and display it on the console.
TestAuthentication::getPage( TestAuthentication::uri );
}
}
// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.
public class CustomBasic : IAuthenticationModule
{
// Define the authentication type. This type is then used to identify this
// custom authentication module. The default is set to Basic.
public string AuthenticationType { get; } = "Basic";
// Define the pre-authentication capabilities for the module. The default is set
// to false.
public bool CanPreAuthenticate { get; }
// The CheckChallenge method checks whether the challenge sent by the HttpWebRequest
// contains the correct type (Basic) and the correct domain name.
// Note: The challenge is in the form BASIC REALM="DOMAINNAME";
// the Internet Web site must reside on a server whose
// domain name is equal to DOMAINNAME.
public bool CheckChallenge(string challenge, string domain)
{
bool challengePasses = false;
String tempChallenge = challenge.ToUpper();
// Verify that this is a Basic authorization request and that the requested domain
// is correct.
// Note: When the domain is an empty string, the following code only checks
// whether the authorization type is Basic.
if (tempChallenge.IndexOf("BASIC") != -1)
if (!string.IsNullOrEmpty(domain))
if (tempChallenge.IndexOf(domain.ToUpper()) != -1)
challengePasses = true;
else
// The domain is not allowed and the authorization type is Basic.
challengePasses = false;
else
// The domain is a blank string and the authorization type is Basic.
challengePasses = true;
return challengePasses;
}
// The PreAuthenticate method specifies whether the authentication implemented
// by this class allows pre-authentication.
// Even if you do not use it, this method must be implemented to obey to the rules
// of interface implementation.
// In this case it always returns null.
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
}
// Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII;
// Get the username and password from the credentials
NetworkCredential myCreds = credentials.GetCredential(request.RequestUri, "Basic");
if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed.");
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = CheckChallenge(challenge, myCreds.Domain);
if (!challengeOk)
return null;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string basicEncrypt = myCreds.UserName + ":" + myCreds.Password;
string basicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(basicEncrypt));
// Create an Authorization object using the encoded authorization above.
Authorization resourceAuthorization = new Authorization(basicToken);
// Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);
// Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
}
' The CustomBasic class creates a custom Basic authentication by implementing the
' IAuthenticationModule interface. It performs the following
' tasks:
' 1) Defines and initializes the required properties.
' 2) Implements the Authenticate and PreAuthenticate methods.
Public Class CustomBasic
Implements IAuthenticationModule
Private m_authenticationType As String
Private m_canPreAuthenticate As Boolean
' The CustomBasic constructor initializes the properties of the customized
' authentication.
Public Sub New()
m_authenticationType = "Basic"
m_canPreAuthenticate = False
End Sub
' Define the authentication type. This type is then used to identify this
' custom authentication module. The default is set to Basic.
Public ReadOnly Property AuthenticationType() As String _
Implements IAuthenticationModule.AuthenticationType
Get
Return m_authenticationType
End Get
End Property
' Define the pre-authentication capabilities for the module. The default is set
' to false.
Public ReadOnly Property CanPreAuthenticate() As Boolean _
Implements IAuthenticationModule.CanPreAuthenticate
Get
Return m_canPreAuthenticate
End Get
End Property
' The checkChallenge method checks whether the challenge sent by the HttpWebRequest
' contains the correct type (Basic) and the correct domain name.
' Note: The challenge is in the form BASIC REALM="DOMAINNAME";
' the Internet Web site must reside on a server whose
' domain name is equal to DOMAINNAME.
Public Function checkChallenge(ByVal Challenge As String, ByVal domain As String) As Boolean
Dim challengePasses As Boolean = False
Dim tempChallenge As [String] = Challenge.ToUpper()
' Verify that this is a Basic authorization request and that the requested domain
' is correct.
' Note: When the domain is an empty string, the following code only checks
' whether the authorization type is Basic.
If tempChallenge.IndexOf("BASIC") <> -1 Then
If domain <> [String].Empty Then
If tempChallenge.IndexOf(domain.ToUpper()) <> -1 Then
challengePasses = True
' The domain is not allowed and the authorization type is Basic.
Else
challengePasses = False
End If
' The domain is a blank string and the authorization type is Basic.
Else
challengePasses = True
End If
End If
Return challengePasses
End Function 'checkChallenge
' The PreAuthenticate method specifies whether the authentication implemented
' by this class allows pre-authentication.
' Even if you do not use it, this method must be implemented to obey to the rules
' of interface implementation.
' In this case it always returns null.
Public Function PreAuthenticate(ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.PreAuthenticate
Return Nothing
End Function 'PreAuthenticate
' Authenticate is the core method for this custom authentication.
' When an Internet resource requests authentication, the WebRequest.GetResponse
' method calls the AuthenticationManager.Authenticate method. This method, in
' turn, calls the Authenticate method on each of the registered authentication
' modules, in the order in which they were registered. When the authentication is
' complete an Authorization object is returned to the WebRequest.
Public Function Authenticate(ByVal challenge As String, ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.Authenticate
Dim ASCII As Encoding = Encoding.ASCII
' Get the username and password from the credentials
Dim MyCreds As NetworkCredential = credentials.GetCredential(request.RequestUri, "Basic")
If PreAuthenticate(request, credentials) Is Nothing Then
Console.WriteLine(ControlChars.Lf + " Pre-authentication is not allowed.")
Else
Console.WriteLine(ControlChars.Lf + " Pre-authentication is allowed.")
End If
' Verify that the challenge satisfies the authorization requirements.
Dim challengeOk As Boolean = checkChallenge(challenge, MyCreds.Domain)
If Not challengeOk Then
Return Nothing
End If
' Create the encrypted string according to the Basic authentication format as
' follows:
' a)Concatenate the username and password separated by colon;
' b)Apply ASCII encoding to obtain a stream of bytes;
' c)Apply Base64 encoding to this array of bytes to obtain the encoded
' authorization.
Dim BasicEncrypt As String = MyCreds.UserName + ":" + MyCreds.Password
Dim BasicToken As String = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))
' Create an Authorization object using the encoded authorization above.
Dim resourceAuthorization As New Authorization(BasicToken)
' Get the Message property, which contains the authorization string that the
' client returns to the server when accessing protected resources.
Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}", resourceAuthorization.Message)
' Get the Complete property, which is set to true when the authentication process
' between the client and the server is finished.
Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}", resourceAuthorization.Complete)
Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId)
Return resourceAuthorization
End Function 'Authenticate
End Class
설명
인터페이스는 IAuthenticationModule 사용자 지정 인증 모듈에서 사용해야 하는 속성과 메서드를 정의합니다.
인증 모듈은 서버에서 전체 인증 프로세스를 수행하여 인증 챌린지에 적절하게 응답합니다. 이 프로세스는 리소스 서버와 별도로 인증 서버에 대한 요청뿐만 아니라 URI에 대한 요청을 올바르게 인증하는 데 필요한 다른 작업으로 구성됩니다.
사용자 지정 인증 모듈은 인터페이스를 구현한 IAuthenticationModule 다음 메서드에 AuthenticationManager.Register 등록해야 합니다. 인증 모듈은 구성 파일을 읽어 프로그램 초기화 시에도 등록됩니다.
속성
AuthenticationType |
이 인증 모듈에서 제공한 인증 형식을 가져옵니다. |
CanPreAuthenticate |
인증 모듈의 사전 인증 지원 여부를 나타내는 값을 가져옵니다. |
메서드
Authenticate(String, WebRequest, ICredentials) |
서버의 인증 요구에 응답하여 Authorization 클래스의 인스턴스를 반환합니다. |
PreAuthenticate(WebRequest, ICredentials) |
서버에 인증을 요청하면 Authorization 클래스의 인스턴스를 반환합니다. |
적용 대상
추가 정보
.NET