DefaultNetworkCredentials 具有空值。 需要提示用户...如何?
在某些情况下,我使用 SharePoint Web 服务的桌面应用程序最终会出现 DefaultNetworkCredentials 具有空值的情况,因此调用会失败。 然后我需要获取用户凭据,但我还没有找到直接的方法来做到这一点。
我正在考虑实施 http://www.pinvoke.net 中概述的解决方案/default.aspx/credui/CredUIPromptForCredentialsW.html
...但是,这仍然需要我处理密码,而我真的不想这样做。 我已经看过,但一直无法找到更直接的方法来提示用户并直接返回 NetworkCredential,而无需存储密码?
谢谢,
编辑:看起来我不会找到我正在寻找的东西......发生这种情况时我必须自己提示用户。
但是,如果我正确地解释了其中一些答案,那么 DefaultNetworkCredentials 首先可能是这样的 null 错误条件。 是这样吗? 有没有办法强制填充 DefaultNetworkCredentials,或者它实际上是一个简单的缓存,只是记住用于目标 URI 的最后一个域/用户 ID/密码(那天?那个应用程序/会话?)。
Under certain circumstances my desktop app using SharePoint web services ends up with DefaultNetworkCredentials having null values, and so the call fails. I need to then obtain the users credentials, but I haven't found a straightfoward way to do so.
I'm considering implementing the solution outlined in http://www.pinvoke.net/default.aspx/credui/CredUIPromptForCredentialsW.html
... however, this still is going to require that I handle the password, which I'd really rather not do. I've looked, but haven't been able to find a more direct method that prompts the user and returns a NetworkCredential directly, without my having to store the password?
Thanks,
EDIT: It looks like I'm not going to find exactly what I'm looking for... I'll have to prompt the user myself when this happens.
However, if I'm interpreting some of these answers correctly, it may be an error condition for the DefaultNetworkCredentials to be null like this in the first place. Is that the case? Is there a way to force the DefaultNetworkCredentials to populate, or is it really a simple cache that's just remembering the last domain/userid/password used for the target URI (that day? that application/session?).
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我认为你第一次就无法避免处理它们。 但是,您可以连接到凭据管理器,以便从那时起它们将被缓存。 这里有一篇关于如何执行此操作的文章。 它的 p/invoke 量很大,但可以为您的用户提供更一致的体验。
I don't think you can avoid handling them for the first time. But, you an hook into the Credential Manager so that they will be cached from that point forward. Here's an article on how to do that. It's heavy in p/invoke, but could give your users a more consistent experience.
解决根本问题,即空凭据,而不是纠缠用户询问他们已经输入的信息。
除非您希望他们能够以不同于当前帐户的方式登录 SharePoint(也许是一个有用的功能)。
.NET 有处理凭据的代码,那么为什么还要通过外部 dll 并向您的应用程序添加另一个依赖项来再次猜测呢?
我对您的环境中存在的代码安全风险了解不够,但我认为在大多数情况下,仅将凭据对象存储在客户端内存中“足够安全”。
Work on the underlying issue, the null credentials rather than nagging the user for information they have already entered.
Unless you want them to be able to log into SharePoint differently from thier current account (a useful feature perhaps).
.NET has code for dealing with credentials, so why second guess that by going out to external dll's and adding another dependancy to your app?
I do not know enough about code security risks you have in your environment, but I would have thought that storing the credentials object in client memory only would be "safe enough" for most situations.
我不知道有什么可以为您处理密码,但是 SecureString 可能有用。
I don't know of something that handles the password for you, but SecureString may be of use.