HttpListener.UnsafeConnectionNtlmAuthentication 属性

定义

命名空间:

System.Net

程序集:

System.Net.HttpListener.dll

Source:

HttpListener.Managed.cs

获取或设置 Boolean 值，该值控制当使用 NTLM 时是否需要对使用同一传输控制协议 (TCP) 连接的其他请求进行身份验证。

public:
 property bool UnsafeConnectionNtlmAuthentication { bool get(); void set(bool value); };

public bool UnsafeConnectionNtlmAuthentication { get; set; }

member this.UnsafeConnectionNtlmAuthentication : bool with get, set

Public Property UnsafeConnectionNtlmAuthentication As Boolean

属性值

Boolean

如果第一个请求的 IIdentity 将用于同一连接上的后续请求，则返回 true；否则返回 false。 默认值是 false。

例外

ObjectDisposedException

此对象已关闭。

示例

下面的代码示例演示如何设置此属性。

public static void SimpleListenerWithUnsafeAuthentication(string[] prefixes)
{
    // URI prefixes are required,
    // for example "http://contoso.com:8080/index/".
    if (prefixes == null || prefixes.Length == 0)
      throw new ArgumentException("prefixes");
    // Set up a listener.
    HttpListener listener = new HttpListener();
    foreach (string s in prefixes)
    {
        listener.Prefixes.Add(s);
    }
    listener.Start();
    // Specify Negotiate as the authentication scheme.
    listener.AuthenticationSchemes = AuthenticationSchemes.Negotiate;
    // If NTLM is used, we will allow multiple requests on the same
    // connection to use the authentication information of first request.
    // This improves performance but does reduce the security of your
    // application.
    listener.UnsafeConnectionNtlmAuthentication = true;
    // This listener does not want to receive exceptions
    // that occur when sending the response to the client.
    listener.IgnoreWriteExceptions = true;
    Console.WriteLine("Listening...");
    // ... process requests here.

    listener.Close();
}

Public Shared Sub SimpleListenerWithUnsafeAuthentication(ByVal prefixes As String())
    ' URI prefixes are required,
    ' for example "http://contoso.com:8080/index/".
    If prefixes Is Nothing OrElse prefixes.Length = 0 Then Throw New ArgumentException("prefixes")
    ' Set up a listener.
    Dim listener As HttpListener = New HttpListener()

    For Each s As String In prefixes
        listener.Prefixes.Add(s)
    Next

    listener.Start()
    ' Specify Negotiate as the authentication scheme.
    listener.AuthenticationSchemes = AuthenticationSchemes.Negotiate
    ' If NTLM Is used, we will allow multiple requests on the same
    ' connection to use the authentication information of first request.
    ' This improves performance but does reduce the security of your 
    ' application. 
    listener.UnsafeConnectionNtlmAuthentication = True
    ' This listener does Not want to receive exceptions 
    ' that occur when sending the response to the client.
    listener.IgnoreWriteExceptions = True
    Console.WriteLine("Listening...")
    ' ... process requests here.

    listener.Close()
End Sub

注解

如果将此属性设置为 true ，并且使用 NTLM 对特定 TCP 连接的第一个请求进行身份验证，则会使用初始请求的身份验证信息 (IIdentity) 处理同一 TCP 连接的后续请求。

此属性在 NTLM 不是身份验证协议时无效。 将 Negotiate 指定为身份验证协议时，仅当 NTLM 是用于身份验证的实际协议时，此属性才有效。

注意

虽然将此属性设置为 true 提高性能， HttpListener 因为 不会发送其他 NTLM 身份验证质询，但不需要所有请求都提供身份验证信息存在安全风险。 必须确定为提高性能冒此风险是否值得。