IAuthenticationModule 接口

定义

为 Web 客户端身份验证模块提供基本身份验证接口。

public interface class IAuthenticationModule
public interface IAuthenticationModule
type IAuthenticationModule = interface
Public Interface IAuthenticationModule

示例

以下示例通过实现 IAuthenticationModule 接口创建自定义身份验证类。 有关完整示例, AuthenticationManager 请参阅 类。

// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. In particular it performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Impements the Authenticate method.
public ref class CustomBasic: public IAuthenticationModule
{
private:

   String^ m_authenticationType;
   bool m_canPreAuthenticate;

public:

   // The CustomBasic constructor initializes the properties of the customized
   // authentication.
   CustomBasic()
   {
      m_authenticationType = "Basic";
      m_canPreAuthenticate = false;
   }


   property String^ AuthenticationType 
   {

      // Define the authentication type. This type is then used to identify this
      // custom authentication module. The default is set to Basic.
      virtual String^ get()
      {
         return m_authenticationType;
      }

   }

   property bool CanPreAuthenticate 
   {

      // Define the pre-authentication capabilities for the module. The default is set
      // to false.
      virtual bool get()
      {
         return m_canPreAuthenticate;
      }

   }

   // The checkChallenge method checks if the challenge sent by the HttpWebRequest
   // contains the correct type (Basic) and the correct domain name.
   // Note: the challenge is in the form BASIC REALM=S"DOMAINNAME"
   // and you must assure that the Internet Web site resides on a server whose
   // domain name is equal to DOMAINAME.
   bool checkChallenge( String^ Challenge, String^ domain )
   {
      bool challengePasses = false;
      String^ tempChallenge = Challenge->ToUpper();
      
      // Verify that this is a Basic authorization request and the requested domain
      // is correct.
      // Note: When the domain is an empty string the following code only checks
      // whether the authorization type is Basic.
      if ( tempChallenge->IndexOf( "BASIC" ) != -1 )
            if ( String::Compare( domain, String::Empty ) != 0 )
            if ( tempChallenge->IndexOf( domain->ToUpper() ) != -1 )
            challengePasses = true; // The domain is not allowed and the authorization type is Basic.
      else
            challengePasses = false;

      else
            challengePasses = true;


      return challengePasses;
   }


   // The PreAuthenticate method specifies if the authentication implemented
   // by this class allows pre-authentication.
   // Even if you do not use it, this method must be implemented to obey to the rules
   // of interface implemebtation.
   // In this case it always returns null.
   virtual Authorization^ PreAuthenticate( WebRequest^ request, ICredentials^ credentials )
   {
      return nullptr;
   }


   // Authenticate is the core method for this custom authentication.
   // When an internet resource requests authentication, the WebRequest::GetResponse
   // method calls the AuthenticationManager::Authenticate method. This method, in
   // turn, calls the Authenticate method on each of the registered authentication
   // modules, in the order they were registered. When the authentication is
   // complete an Authorization object is returned to the WebRequest, as
   // shown by this routine's retun type.
   virtual Authorization^ Authenticate( String^ challenge, WebRequest^ request, ICredentials^ credentials )
   {
      Encoding^ ASCII = Encoding::ASCII;
      
      // Get the username and password from the credentials
      NetworkCredential^ MyCreds = credentials->GetCredential( request->RequestUri, "Basic" );
      if ( PreAuthenticate( request, credentials ) == nullptr )
            Console::WriteLine( "\n Pre-authentication is not allowed." );
      else
            Console::WriteLine( "\n Pre-authentication is allowed." );

      
      // Verify that the challenge satisfies the authorization requirements.
      bool challengeOk = checkChallenge( challenge, MyCreds->Domain );
      if (  !challengeOk )
            return nullptr;

      
      // Create the encrypted string according to the Basic authentication format as
      // follows:
      // a)Concatenate username and password separated by colon;
      // b)Apply ASCII encoding to obtain a stream of bytes;
      // c)Apply Base64 Encoding to this array of bytes to obtain the encoded
      // authorization.
      String^ BasicEncrypt = String::Concat( MyCreds->UserName, ":", MyCreds->Password );
      String^ BasicToken = String::Concat( "Basic ", Convert::ToBase64String( ASCII->GetBytes( BasicEncrypt ) ) );
      
      // Create an Authorization object using the above encoded authorization.
      Authorization^ resourceAuthorization = gcnew Authorization( BasicToken );
      
      // Get the Message property which contains the authorization string that the
      // client returns to the server when accessing protected resources
      Console::WriteLine( "\n Authorization Message: {0}", resourceAuthorization->Message );
      
      // Get the Complete property which is set to true when the authentication process
      // between the client and the server is finished.
      Console::WriteLine( "\n Authorization Complete: {0}", resourceAuthorization->Complete );
      
      Console::WriteLine( "\n Authorization ConnectionGroupId: {0}", resourceAuthorization->ConnectionGroupId );
      return resourceAuthorization;
   }

};


// This is the program entry point. It allows the user to enter
// her credentials and the Internet resource (Web page) to access.
// It also unregisters the standard and registers the customized basic
// authentication.
int main()
{
   array<String^>^args = Environment::GetCommandLineArgs();
   if ( args->Length < 4 )
      TestAuthentication::showusage();
   else
   {
      
      // Read the user's credentials.
      TestAuthentication::uri = args[ 1 ];
      TestAuthentication::username = args[ 2 ];
      TestAuthentication::password = args[ 3 ];
      if ( args->Length == 4 )
            TestAuthentication::domain = String::Empty; // If the domain exists, store it. Usually the domain name
      else
            TestAuthentication::domain = args[ 4 ];
      
      // is by default the name of the server hosting the Internet
      // resource.
      // Instantiate the custom Basic authentication module.
      CustomBasic^ customBasicModule = gcnew CustomBasic;
      
      // Unregister the standard Basic authentication module.
      AuthenticationManager::Unregister( "Basic" );
      
      // Register the custom Basic authentication module.
      AuthenticationManager::Register( customBasicModule );
      
      // Display registered Authorization modules.
      TestAuthentication::displayRegisteredModules();
      
      // Read the specified page and display it on the console.
      TestAuthentication::getPage( TestAuthentication::uri );
   }
}
// The CustomBasic class creates a custom Basic authentication by implementing the
// IAuthenticationModule interface. It performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.

public class CustomBasic : IAuthenticationModule
{

  // Define the authentication type. This type is then used to identify this
  // custom authentication module. The default is set to Basic.
  public string AuthenticationType { get; } = "Basic";

  // Define the pre-authentication capabilities for the module. The default is set
  // to false.
  public bool CanPreAuthenticate { get; }

  // The CheckChallenge method checks whether the challenge sent by the HttpWebRequest
  // contains the correct type (Basic) and the correct domain name.
  // Note: The challenge is in the form BASIC REALM="DOMAINNAME";
  // the Internet Web site must reside on a server whose
  // domain name is equal to DOMAINNAME.
  public bool CheckChallenge(string challenge, string domain)
  {
    bool challengePasses = false;

    String tempChallenge = challenge.ToUpper();

    // Verify that this is a Basic authorization request and that the requested domain
    // is correct.
    // Note: When the domain is an empty string, the following code only checks
    // whether the authorization type is Basic.

    if (tempChallenge.IndexOf("BASIC") != -1)
      if (!string.IsNullOrEmpty(domain))
        if (tempChallenge.IndexOf(domain.ToUpper()) != -1)
          challengePasses = true;
        else
          // The domain is not allowed and the authorization type is Basic.
          challengePasses = false;
      else
        // The domain is a blank string and the authorization type is Basic.
        challengePasses = true;

    return challengePasses;
  }

  // The PreAuthenticate method specifies whether the authentication implemented
  // by this class allows pre-authentication.
  // Even if you do not use it, this method must be implemented to obey to the rules
  // of interface implementation.
  // In this case it always returns null.
  public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
  {
    return null;
  }

  // Authenticate is the core method for this custom authentication.
  // When an Internet resource requests authentication, the WebRequest.GetResponse
  // method calls the AuthenticationManager.Authenticate method. This method, in
  // turn, calls the Authenticate method on each of the registered authentication
  // modules, in the order in which they were registered. When the authentication is
  // complete an Authorization object is returned to the WebRequest.
  public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
  {
    Encoding ASCII = Encoding.ASCII;

    // Get the username and password from the credentials
    NetworkCredential myCreds = credentials.GetCredential(request.RequestUri, "Basic");

    if (PreAuthenticate(request, credentials) == null)
      Console.WriteLine("\n Pre-authentication is not allowed.");
    else
      Console.WriteLine("\n Pre-authentication is allowed.");

    // Verify that the challenge satisfies the authorization requirements.
    bool challengeOk = CheckChallenge(challenge, myCreds.Domain);

    if (!challengeOk)
      return null;

    // Create the encrypted string according to the Basic authentication format as
    // follows:
    // a)Concatenate the username and password separated by colon;
    // b)Apply ASCII encoding to obtain a stream of bytes;
    // c)Apply Base64 encoding to this array of bytes to obtain the encoded
    // authorization.
    string basicEncrypt = myCreds.UserName + ":" + myCreds.Password;

    string basicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(basicEncrypt));

    // Create an Authorization object using the encoded authorization above.
    Authorization resourceAuthorization = new Authorization(basicToken);

    // Get the Message property, which contains the authorization string that the
    // client returns to the server when accessing protected resources.
    Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);

    // Get the Complete property, which is set to true when the authentication process
    // between the client and the server is finished.
    Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);

    Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);

    return resourceAuthorization;
  }
}
' The CustomBasic class creates a custom Basic authentication by implementing the
' IAuthenticationModule interface. It performs the following
' tasks:
' 1) Defines and initializes the required properties.
' 2) Implements the Authenticate and PreAuthenticate methods.

Public Class CustomBasic
  Implements IAuthenticationModule

  Private m_authenticationType As String
  Private m_canPreAuthenticate As Boolean


  ' The CustomBasic constructor initializes the properties of the customized 
  ' authentication.
  Public Sub New()
    m_authenticationType = "Basic"
    m_canPreAuthenticate = False
  End Sub

  ' Define the authentication type. This type is then used to identify this
  ' custom authentication module. The default is set to Basic.

  Public ReadOnly Property AuthenticationType() As String _
   Implements IAuthenticationModule.AuthenticationType

    Get
      Return m_authenticationType
    End Get
  End Property

  ' Define the pre-authentication capabilities for the module. The default is set
  ' to false.

  Public ReadOnly Property CanPreAuthenticate() As Boolean _
   Implements IAuthenticationModule.CanPreAuthenticate


    Get
      Return m_canPreAuthenticate
    End Get
  End Property

' The checkChallenge method checks whether the challenge sent by the HttpWebRequest 
' contains the correct type (Basic) and the correct domain name. 
' Note: The challenge is in the form BASIC REALM="DOMAINNAME"; 
' the Internet Web site must reside on a server whose
' domain name is equal to DOMAINNAME.
  Public Function checkChallenge(ByVal Challenge As String, ByVal domain As String) As Boolean
    Dim challengePasses As Boolean = False

    Dim tempChallenge As [String] = Challenge.ToUpper()

    ' Verify that this is a Basic authorization request and that the requested domain
    ' is correct.
    ' Note: When the domain is an empty string, the following code only checks 
    ' whether the authorization type is Basic.
    If tempChallenge.IndexOf("BASIC") <> -1 Then
      If domain <> [String].Empty Then
        If tempChallenge.IndexOf(domain.ToUpper()) <> -1 Then
          challengePasses = True
          ' The domain is not allowed and the authorization type is Basic.
        Else
          challengePasses = False
        End If
        ' The domain is a blank string and the authorization type is Basic.
      Else
        challengePasses = True
      End If
    End If
    Return challengePasses
  End Function 'checkChallenge


  ' The PreAuthenticate method specifies whether the authentication implemented 
  ' by this class allows pre-authentication. 
  ' Even if you do not use it, this method must be implemented to obey to the rules 
  ' of interface implementation.
  ' In this case it always returns null. 
  Public Function PreAuthenticate(ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
      Implements IAuthenticationModule.PreAuthenticate

    Return Nothing
  End Function 'PreAuthenticate

  
  ' Authenticate is the core method for this custom authentication.
  ' When an Internet resource requests authentication, the WebRequest.GetResponse 
  ' method calls the AuthenticationManager.Authenticate method. This method, in 
  ' turn, calls the Authenticate method on each of the registered authentication
  ' modules, in the order in which they were registered. When the authentication is 
  ' complete an Authorization object is returned to the WebRequest.
  Public Function Authenticate(ByVal challenge As String, ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
      Implements IAuthenticationModule.Authenticate


    Dim ASCII As Encoding = Encoding.ASCII

    ' Get the username and password from the credentials
    Dim MyCreds As NetworkCredential = credentials.GetCredential(request.RequestUri, "Basic")

    If PreAuthenticate(request, credentials) Is Nothing Then
      Console.WriteLine(ControlChars.Lf + " Pre-authentication is not allowed.")
    Else
      Console.WriteLine(ControlChars.Lf + " Pre-authentication is allowed.")
    End If
    ' Verify that the challenge satisfies the authorization requirements.
    Dim challengeOk As Boolean = checkChallenge(challenge, MyCreds.Domain)

    If Not challengeOk Then
      Return Nothing
    End If

    ' Create the encrypted string according to the Basic authentication format as
    ' follows:
    ' a)Concatenate the username and password separated by colon;
    ' b)Apply ASCII encoding to obtain a stream of bytes;
    ' c)Apply Base64 encoding to this array of bytes to obtain the encoded 
    ' authorization.
    Dim BasicEncrypt As String = MyCreds.UserName + ":" + MyCreds.Password

    Dim BasicToken As String = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))

    ' Create an Authorization object using the encoded authorization above.
    Dim resourceAuthorization As New Authorization(BasicToken)

    ' Get the Message property, which contains the authorization string that the 
    ' client returns to the server when accessing protected resources.
    Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}", resourceAuthorization.Message)

    ' Get the Complete property, which is set to true when the authentication process 
    ' between the client and the server is finished.
    Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}", resourceAuthorization.Complete)

    Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId)


    Return resourceAuthorization
  End Function 'Authenticate
End Class

注解

接口 IAuthenticationModule 定义自定义身份验证模块必须使用的属性和方法。

身份验证模块对服务器执行整个身份验证过程,并根据需要响应身份验证质询。 此过程可能包括对独立于资源服务器的身份验证服务器的请求,以及正确验证 URI 请求所需的任何其他活动。

自定义身份验证模块应实现 接口, IAuthenticationModule 然后使用 方法注册 AuthenticationManager.Register 。 身份验证模块也通过读取配置文件在程序初始化时注册。

属性

AuthenticationType

获取此身份验证模块提供的身份验证类型。

CanPreAuthenticate

获取一个值,该值指示身份验证模块是否支持预身份验证。

方法

Authenticate(String, WebRequest, ICredentials)

返回 Authorization 类的实例来响应来自服务器的身份验证要求。

PreAuthenticate(WebRequest, ICredentials)

为对服务器的的身份验证请求返回 Authorization 类的一个实例。

适用于

另请参阅