IAuthenticationModule.Authenticate(String, WebRequest, ICredentials) 方法
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
傳回 Authorization 類別的執行個體以回應來自伺服器的驗證挑戰。
public:
System::Net::Authorization ^ Authenticate(System::String ^ challenge, System::Net::WebRequest ^ request, System::Net::ICredentials ^ credentials);
public System.Net.Authorization? Authenticate (string challenge, System.Net.WebRequest request, System.Net.ICredentials credentials);
public System.Net.Authorization Authenticate (string challenge, System.Net.WebRequest request, System.Net.ICredentials credentials);
abstract member Authenticate : string * System.Net.WebRequest * System.Net.ICredentials -> System.Net.Authorization
Public Function Authenticate (challenge As String, request As WebRequest, credentials As ICredentials) As Authorization
參數
- challenge
- String
伺服器所傳送的驗證要求。
- request
- WebRequest
與要求相關的 WebRequest。
- credentials
- ICredentials
與要求相關的認證。
傳回
Authorization 執行個體,含有要求的授權訊息,或者如果無法處理要求時,則為 null
。
範例
下列範例會示範如何使用 Authenticate 方法。 如需完整的範例, AuthenticationManager 請參閱 類別。
// Authenticate is the core method for this custom authentication.
// When an internet resource requests authentication, the WebRequest::GetResponse
// method calls the AuthenticationManager::Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest, as
// shown by this routine's retun type.
virtual Authorization^ Authenticate( String^ challenge, WebRequest^ request, ICredentials^ credentials )
{
Encoding^ ASCII = Encoding::ASCII;
// Get the username and password from the credentials
NetworkCredential^ MyCreds = credentials->GetCredential( request->RequestUri, "Basic" );
if ( PreAuthenticate( request, credentials ) == nullptr )
Console::WriteLine( "\n Pre-authentication is not allowed." );
else
Console::WriteLine( "\n Pre-authentication is allowed." );
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = checkChallenge( challenge, MyCreds->Domain );
if ( !challengeOk )
return nullptr;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 Encoding to this array of bytes to obtain the encoded
// authorization.
String^ BasicEncrypt = String::Concat( MyCreds->UserName, ":", MyCreds->Password );
String^ BasicToken = String::Concat( "Basic ", Convert::ToBase64String( ASCII->GetBytes( BasicEncrypt ) ) );
// Create an Authorization object using the above encoded authorization.
Authorization^ resourceAuthorization = gcnew Authorization( BasicToken );
// Get the Message property which contains the authorization string that the
// client returns to the server when accessing protected resources
Console::WriteLine( "\n Authorization Message: {0}", resourceAuthorization->Message );
// Get the Complete property which is set to true when the authentication process
// between the client and the server is finished.
Console::WriteLine( "\n Authorization Complete: {0}", resourceAuthorization->Complete );
Console::WriteLine( "\n Authorization ConnectionGroupId: {0}", resourceAuthorization->ConnectionGroupId );
return resourceAuthorization;
}
// Authenticate is the core method for this custom authentication.
// When an Internet resource requests authentication, the WebRequest.GetResponse
// method calls the AuthenticationManager.Authenticate method. This method, in
// turn, calls the Authenticate method on each of the registered authentication
// modules, in the order in which they were registered. When the authentication is
// complete an Authorization object is returned to the WebRequest.
public Authorization Authenticate(String challenge, WebRequest request, ICredentials credentials)
{
Encoding ASCII = Encoding.ASCII;
// Get the username and password from the credentials
NetworkCredential myCreds = credentials.GetCredential(request.RequestUri, "Basic");
if (PreAuthenticate(request, credentials) == null)
Console.WriteLine("\n Pre-authentication is not allowed.");
else
Console.WriteLine("\n Pre-authentication is allowed.");
// Verify that the challenge satisfies the authorization requirements.
bool challengeOk = CheckChallenge(challenge, myCreds.Domain);
if (!challengeOk)
return null;
// Create the encrypted string according to the Basic authentication format as
// follows:
// a)Concatenate the username and password separated by colon;
// b)Apply ASCII encoding to obtain a stream of bytes;
// c)Apply Base64 encoding to this array of bytes to obtain the encoded
// authorization.
string basicEncrypt = myCreds.UserName + ":" + myCreds.Password;
string basicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(basicEncrypt));
// Create an Authorization object using the encoded authorization above.
Authorization resourceAuthorization = new Authorization(basicToken);
// Get the Message property, which contains the authorization string that the
// client returns to the server when accessing protected resources.
Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);
// Get the Complete property, which is set to true when the authentication process
// between the client and the server is finished.
Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);
Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);
return resourceAuthorization;
}
' Authenticate is the core method for this custom authentication.
' When an Internet resource requests authentication, the WebRequest.GetResponse
' method calls the AuthenticationManager.Authenticate method. This method, in
' turn, calls the Authenticate method on each of the registered authentication
' modules, in the order in which they were registered. When the authentication is
' complete an Authorization object is returned to the WebRequest.
Public Function Authenticate(ByVal challenge As String, ByVal request As WebRequest, ByVal credentials As ICredentials) As Authorization _
Implements IAuthenticationModule.Authenticate
Dim ASCII As Encoding = Encoding.ASCII
' Get the username and password from the credentials
Dim MyCreds As NetworkCredential = credentials.GetCredential(request.RequestUri, "Basic")
If PreAuthenticate(request, credentials) Is Nothing Then
Console.WriteLine(ControlChars.Lf + " Pre-authentication is not allowed.")
Else
Console.WriteLine(ControlChars.Lf + " Pre-authentication is allowed.")
End If
' Verify that the challenge satisfies the authorization requirements.
Dim challengeOk As Boolean = checkChallenge(challenge, MyCreds.Domain)
If Not challengeOk Then
Return Nothing
End If
' Create the encrypted string according to the Basic authentication format as
' follows:
' a)Concatenate the username and password separated by colon;
' b)Apply ASCII encoding to obtain a stream of bytes;
' c)Apply Base64 encoding to this array of bytes to obtain the encoded
' authorization.
Dim BasicEncrypt As String = MyCreds.UserName + ":" + MyCreds.Password
Dim BasicToken As String = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))
' Create an Authorization object using the encoded authorization above.
Dim resourceAuthorization As New Authorization(BasicToken)
' Get the Message property, which contains the authorization string that the
' client returns to the server when accessing protected resources.
Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}", resourceAuthorization.Message)
' Get the Complete property, which is set to true when the authentication process
' between the client and the server is finished.
Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}", resourceAuthorization.Complete)
Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}", resourceAuthorization.ConnectionGroupId)
Return resourceAuthorization
End Function 'Authenticate
End Class
備註
方法 Authenticate 會使用伺服器執行驗證程式,並將 實體傳回 Authorization 給 AuthenticationManager。
給實施者的注意事項
會在 AuthenticationManager 已註冊的驗證模組上呼叫 Authenticate(String, WebRequest, ICredentials) 方法,以判斷哪個模組會處理挑戰。 如果驗證模組無法處理挑戰, Authenticate(String, WebRequest, ICredentials) 方法必須傳回 null
。 如果驗證模組在進行驗證程式時發生錯誤, Authenticate(String, WebRequest, ICredentials) 則必須擲回例外狀況。