IAuthenticationModule Arabirim

Başvuru

Tanım

Ad Alanı:: System.Net

Bütünleştirilmiş Kodlar:: netstandard.dll, System.Net.Requests.dll

Bütünleştirilmiş Kod:: System.Net.Requests.dll

Bütünleştirilmiş Kod:: System.dll

Bütünleştirilmiş Kod:: netstandard.dll

Önemli

Bazı bilgiler ürünün ön sürümüyle ilgilidir ve sürüm öncesinde önemli değişiklikler yapılmış olabilir. Burada verilen bilgilerle ilgili olarak Microsoft açık veya zımni hiçbir garanti vermez.

Web istemcisi kimlik doğrulama modülleri için temel kimlik doğrulama arabirimini sağlar.

public interface class IAuthenticationModule

public interface IAuthenticationModule

type IAuthenticationModule = interface

Public Interface IAuthenticationModule

Örnekler

Aşağıdaki örnek, arabirimini uygulayarak IAuthenticationModule özelleştirilmiş bir kimlik doğrulama sınıfı oluşturur. Tam bir örnek için sınıfına AuthenticationManager bakın.

// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. In particular it performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Impements the Authenticate method.
public ref class CustomBasic: public IAuthenticationModule
{
private:

   String^ m_authenticationType;
   bool m_canPreAuthenticate;

public:

   // The CustomBasic constructor initializes the properties of the customized
   // authentication.
   CustomBasic()
   {
      m_authenticationType = "Basic";
      m_canPreAuthenticate = false;
   }


   property String^ AuthenticationType 
   {

      // Define the authentication type. This type is then used to identify this
      // custom authentication module. The default is set to Basic.
      virtual String^ get()
      {
         return m_authenticationType;
      }

   }

   property bool CanPreAuthenticate 
   {

      // Define the pre-authentication capabilities for the module. The default is set
      // to false.
      virtual bool get()
      {
         return m_canPreAuthenticate;
      }

   }

   // The checkChallenge method checks if the challenge sent by the HttpWebRequest
   // contains the correct type (Basic) and the correct domain name.
   // Note: the challenge is in the form BASIC REALM=S"DOMAINNAME"
   // and you must assure that the Internet Web site resides on a server whose
   // domain name is equal to DOMAINAME.
   bool checkChallenge( String^ Challenge, String^ domain )
   {
      bool challengePasses = false;
      String^ tempChallenge = Challenge->ToUpper();
      
      // Verify that this is a Basic authorization request and the requested domain
      // is correct.
      // Note: When the domain is an empty string the following code only checks
      // whether the authorization type is Basic.
      if ( tempChallenge->IndexOf( "BASIC" ) != -1 )
            if ( String::Compare( domain, String::Empty ) != 0 )
            if ( tempChallenge->IndexOf( domain->ToUpper() ) != -1 )
            challengePasses = true; // The domain is not allowed and the authorization type is Basic.
      else
            challengePasses = false;

      else
            challengePasses = true;


      return challengePasses;
   }


   // The PreAuthenticate method specifies if the authentication implemented
   // by this class allows pre-authentication.
   // Even if you do not use it, this method must be implemented to obey to the rules
   // of interface implemebtation.
   // In this case it always returns null.
   virtual Authorization^ PreAuthenticate( WebRequest^ request, ICredentials^ credentials )
   {
      return nullptr;
   }


   // Authenticate is the core method for this custom authentication.
   // When an internet resource requests authentication, the WebRequest::GetResponse
   // method calls the AuthenticationManager::Authenticate method. This method, in
   // turn, calls the Authenticate method on each of the registered authentication
   // modules, in the order they were registered. When the authentication is
   // complete an Authorization object is returned to the WebRequest, as
   // shown by this routine's retun type.
   virtual Authorization^ Authenticate( String^ challenge, WebRequest^ request, ICredentials^ credentials )
   {
      Encoding^ ASCII = Encoding::ASCII;
      
      // Get the username and password from the credentials
      NetworkCredential^ MyCreds = credentials->GetCredential( request->RequestUri, "Basic" );
      if ( PreAuthenticate( request, credentials ) == nullptr )
            Console::WriteLine( "\n Pre-authentication is not allowed." );
      else
            Console::WriteLine( "\n Pre-authentication is allowed." );

      
      // Verify that the challenge satisfies the authorization requirements.
      bool challengeOk = checkChallenge( challenge, MyCreds->Domain );
      if (  !challengeOk )
            return nullptr;

      
      // Create the encrypted string according to the Basic authentication format as
      // follows:
      // a)Concatenate username and password separated by colon;
      // b)Apply ASCII encoding to obtain a stream of bytes;
      // c)Apply Base64 Encoding to this array of bytes to obtain the encoded
      // authorization.
      String^ BasicEncrypt = String::Concat( MyCreds->UserName, ":", MyCreds->Password );
      String^ BasicToken = String::Concat( "Basic ", Convert::ToBase64String( ASCII->GetBytes( BasicEncrypt ) ) );
      
      // Create an Authorization object using the above encoded authorization.
      Authorization^ resourceAuthorization = gcnew Authorization( BasicToken );
      
      // Get the Message property which contains the authorization string that the
      // client returns to the server when accessing protected resources
      Console::WriteLine( "\n Authorization Message: {0}", resourceAuthorization->Message );
      
      // Get the Complete property which is set to true when the authentication process
      // between the client and the server is finished.
      Console::WriteLine( "\n Authorization Complete: {0}", resourceAuthorization->Complete );
      
      Console::WriteLine( "\n Authorization ConnectionGroupId: {0}", resourceAuthorization->ConnectionGroupId );
      return resourceAuthorization;
   }

};


// This is the program entry point. It allows the user to enter
// her credentials and the Internet resource (Web page) to access.
// It also unregisters the standard and registers the customized basic
// authentication.
int main()
{
   array<String^>^args = Environment::GetCommandLineArgs();
   if ( args->Length < 4 )
      TestAuthentication::showusage();
   else
   {
      
      // Read the user's credentials.
      TestAuthentication::uri = args[ 1 ];
      TestAuthentication::username = args[ 2 ];
      TestAuthentication::password = args[ 3 ];
      if ( args->Length == 4 )
            TestAuthentication::domain = String::Empty; // If the domain exists, store it. Usually the domain name
      else
            TestAuthentication::domain = args[ 4 ];
      
      // is by default the name of the server hosting the Internet
      // resource.
      // Instantiate the custom Basic authentication module.
      CustomBasic^ customBasicModule = gcnew CustomBasic;
      
      // Unregister the standard Basic authentication module.
      AuthenticationManager::Unregister( "Basic" );
      
      // Register the custom Basic authentication module.
      AuthenticationManager::Register( customBasicModule );
      
      // Display registered Authorization modules.
      TestAuthentication::displayRegisteredModules();
      
      // Read the specified page and display it on the console.
      TestAuthentication::getPage( TestAuthentication::uri );
   }
}

// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.

public class CustomBasic : IAuthenticationModule
{

  // Define the authentication type. This type is then used to identify this
  // custom authentication module. The default is set to Basic.
  public string AuthenticationType { get; } = "Basic";

  // Define the pre-authentication capabilities for the module. The default is set
  // to false.
  public bool CanPreAuthenticate { get; }

  // The CheckChallenge method checks whether the challenge sent by the HttpWebRequest
  // contains the correct type (Basic) and the correct domain name.
  // Note: The challenge is in the form BASIC REALM="DOMAINNAME";
  // the Internet Web site must reside on a server whose
  // domain name is equal to DOMAINNAME.
  public bool CheckChallenge(string challenge, string domain)
  {
    bool challengePasses = false;

    String tempChallenge = challenge.ToUpper();

    // Verify that this is a Basic authorization request and that the requested domain
    // is correct.
    // Note: When the domain is an empty string, the following code only checks
    // whether the authorization type is Basic.

    if (tempChallenge.IndexOf("BASIC") != -1)
      if (!string.IsNullOrEmpty(domain))
        if (tempChallenge.IndexOf(domain.ToUpper()) != -1)
          challengePasses = true;
        else
          // The domain is not allowed and the authorization type is Basic.
          challengePasses = false;
      else
        // The domain is a blank string and the authorization type is Basic.
        challengePasses = true;

    return challengePasses;
  }

  // The PreAuthenticate method specifies whether the authentication implemented
  // by this class allows pre-authentication.
  // Even if you do not use it, this method must be implemented to obey to the rules
  // of interface implementation.
  // In this case it always returns null.
  public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
  {
    return null;
  }

  // Authenticate is the core method for this custom authentication.
  // When an Internet resource requests authentication, the WebRequest.GetResponse
  // method calls the AuthenticationManager.Authenticate method. This method, in
  // turn, calls the Authenticate method on each of the registered authentication
  // modules, in the order in which they were registered. When the authentication is
  // complete an Authorization object is returned to the WebRequest.
  public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
  {
    Encoding ASCII = Encoding.ASCII;

    // Get the username and password from the credentials
    NetworkCredential myCreds = credentials.GetCredential(request.RequestUri, "Basic");

    if (PreAuthenticate(request, credentials) == null)
      Console.WriteLine("\n Pre-authentication is not allowed.");
    else
      Console.WriteLine("\n Pre-authentication is allowed.");

    // Verify that the challenge satisfies the authorization requirements.
    bool challengeOk = CheckChallenge(challenge, myCreds.Domain);

    if (!challengeOk)
      return null;

    // Create the encrypted string according to the Basic authentication format as
    // follows:
    // a)Concatenate the username and password separated by colon;
    // b)Apply ASCII encoding to obtain a stream of bytes;
    // c)Apply Base64 encoding to this array of bytes to obtain the encoded
    // authorization.
    string basicEncrypt = myCreds.UserName + ":" + myCreds.Password;

    string basicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(basicEncrypt));

    // Create an Authorization object using the encoded authorization above.
    Authorization resourceAuthorization = new Authorization(basicToken);

    // Get the Message property, which contains the authorization string that the
    // client returns to the server when accessing protected resources.
    Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);

    // Get the Complete property, which is set to true when the authentication process
    // between the client and the server is finished.
    Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);

    Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);

    return resourceAuthorization;
  }
}

' The CustomBasic class creates a custom Basic authentication by implementing the
' IAuthenticationModule interface. It performs the following
' tasks:
' 1) Defines and initializes the required properties.
' 2) Implements the Authenticate and PreAuthenticate methods.

Public Class CustomBasic
  Implements IAuthenticationModule

  Private m_authenticationType As String
  Private m_canPreAuthenticate As Boolean


  ' The CustomBasic constructor initializes the properties of the customized 
  ' authentication.
  Public Sub New()
    m_authenticationType = "Basic"
    m_canPreAuthenticate = False
  End Sub

  ' Define the authentication type. This type is then used to identify this
  ' custom authentication module. The default is set to Basic.

  Public ReadOnly Property AuthenticationType() As String _
   Implements IAuthenticationModule.AuthenticationType

    Get
      Return m_authenticationType
    End Get
  End Property

  ' Define the pre-authentication capabilities for the module. The default is set
  ' to false.

  Public ReadOnly Property CanPreAuthenticate() As Boolean _
   Implements IAuthenticationModule.CanPreAuthenticate


    Get
      Return m_canPreAuthenticate
    End Get
  End Property

' The checkChallenge method checks whether the challenge sent by the HttpWebRequest 
' contains the correct type (Basic) and the correct domain name. 
' Note: The challenge is in the form BASIC REALM="DOMAINNAME"; 
' the Internet Web site must reside on a server whose
' domain name is equal to DOMAINNAME.
  Public Function checkChallenge(ByVal Challenge As String, ByVal domain As String) As Boolean
    Dim challengePasses As Boolean = False

    Dim tempChallenge As [String] = Challenge.ToUpper()

    ' Verify that this is a Basic authorization request and that the requested domain
    ' is correct.
    ' Note: When the domain is an empty string, the following code only checks 
    ' whether the authorization type is Basic.
    If tempChallenge.IndexOf("BASIC") <> -1 Then
      If domain <> [String].Empty Then
        If tempChallenge.IndexOf(domain.ToUpper()) <> -1 Then
          challengePasses = True
          ' The domain is not allowed and the authorization type is Basic.
        Else
          challengePasses = False
        End If
        ' The domain is a blank string and the authorization type is Basic.
      Else
        challengePasses = True
      End If
    End If
    Return challengePasses
  End Function 'checkChallenge


  ' The PreAuthenticate method specifies whether the authentication implemented 
  ' by this class allows pre-authentication. 
  ' Even if you do not use it, this method must be implemented to obey to the rules 
  ' of interface implementation.
  ' In this case it always returns null. 
  Public Function PreAuthenticate(ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
      Implements IAuthenticationModule.PreAuthenticate

    Return Nothing
  End Function 'PreAuthenticate

  
  ' Authenticate is the core method for this custom authentication.
  ' When an Internet resource requests authentication, the WebRequest.GetResponse 
  ' method calls the AuthenticationManager.Authenticate method. This method, in 
  ' turn, calls the Authenticate method on each of the registered authentication
  ' modules, in the order in which they were registered. When the authentication is 
  ' complete an Authorization object is returned to the WebRequest.
  Public Function Authenticate(ByVal challenge As String, ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
      Implements IAuthenticationModule.Authenticate


    Dim ASCII As Encoding = Encoding.ASCII

    ' Get the username and password from the credentials
    Dim MyCreds As NetworkCredential = credentials.GetCredential(request.RequestUri, "Basic")

    If PreAuthenticate(request, credentials) Is Nothing Then
      Console.WriteLine(ControlChars.Lf + " Pre-authentication is not allowed.")
    Else
      Console.WriteLine(ControlChars.Lf + " Pre-authentication is allowed.")
    End If
    ' Verify that the challenge satisfies the authorization requirements.
    Dim challengeOk As Boolean = checkChallenge(challenge, MyCreds.Domain)

    If Not challengeOk Then
      Return Nothing
    End If

    ' Create the encrypted string according to the Basic authentication format as
    ' follows:
    ' a)Concatenate the username and password separated by colon;
    ' b)Apply ASCII encoding to obtain a stream of bytes;
    ' c)Apply Base64 encoding to this array of bytes to obtain the encoded 
    ' authorization.
    Dim BasicEncrypt As String = MyCreds.UserName + ":" + MyCreds.Password

    Dim BasicToken As String = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))

    ' Create an Authorization object using the encoded authorization above.
    Dim resourceAuthorization As New Authorization(BasicToken)

    ' Get the Message property, which contains the authorization string that the 
    ' client returns to the server when accessing protected resources.
    Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}", resourceAuthorization.Message)

    ' Get the Complete property, which is set to true when the authentication process 
    ' between the client and the server is finished.
    Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}", resourceAuthorization.Complete)

    Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId)


    Return resourceAuthorization
  End Function 'Authenticate
End Class

Açıklamalar

Arabirim, IAuthenticationModule özel kimlik doğrulama modüllerinin kullanması gereken özellikleri ve yöntemleri tanımlar.

Kimlik doğrulama modülleri, kimlik doğrulama sınamasına uygun şekilde yanıt veren bir sunucuyla kimlik doğrulama işleminin tamamını yürütür. Bu işlem, kaynak sunucudan ayrı bir kimlik doğrulama sunucusuna yapılan isteklerden ve bir URI isteğinin kimliğini doğru şekilde doğrulamak için gereken diğer etkinliklerden oluşabilir.

Özel kimlik doğrulama modülleri arabirimini IAuthenticationModule uygulamalı ve ardından yöntemine AuthenticationManager.Register kaydolmalıdır. Kimlik doğrulama modülleri, yapılandırma dosyası okunarak program başlatma sırasında da kaydedilir.

Özellikler

AuthenticationType	Bu kimlik doğrulama modülü tarafından sağlanan kimlik doğrulama türünü alır.
CanPreAuthenticate	Kimlik doğrulama modülünün ön kimlik doğrulamayı destekleyip desteklemediğini belirten bir değer alır.

Yöntemler

Authenticate(String, WebRequest, ICredentials)	Bir sunucudan kimlik Authorization doğrulama sınamasına yanıt olarak sınıfının bir örneğini döndürür.
PreAuthenticate(WebRequest, ICredentials)	Bir sunucuya kimlik Authorization doğrulaması isteği için sınıfının bir örneğini döndürür.

Şunlara uygulanır

Ürün	Sürümler
.NET	Core 2.0, Core 2.1, Core 2.2, Core 3.0, Core 3.1, 5, 6, 7, 8, 9, 10
.NET Framework	1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
.NET Standard	2.0, 2.1

Ayrıca bkz.

AuthenticationManager

Aracılığıyla paylaş