为什么使用“new NetworkCredential(用户名,密码)”?无法对我的网站进行基本身份验证(从 WinForms C# 应用程序)?
我有一个使用基本身份验证(用户名/密码)的网站。
为什么下面的代码不起作用?当我运行它时,Web 应用程序会将我带到登录控制器,而我希望它应该已经经过身份验证,因为我正在填充凭据。换句话说,我试图确认在.NET 中如何确认我的winforms HttpWebRequest,以便它将自动执行身份验证过程。我假设 NetworkCredential 是应该执行此操作的 .net 类?或者在 .NET 中是否期望有一些您必须自己实现的手动两步过程?
这是代码:
// Create a new webrequest to the mentioned URL.
var uri = new Uri("http://10.1.1.102:3000/download/sunset");
var myWebRequest = (HttpWebRequest)WebRequest.Create(uri);
myWebRequest.PreAuthenticate=true;
var networkCredential=new NetworkCredential("test", "asdfasdf");
myWebRequest.Credentials=networkCredential;
var myWebResponse = (HttpWebResponse)myWebRequest.GetResponse();
Console.Out.WriteLine("STATUS = " + myWebResponse.StatusCode);
var stream = myWebResponse.GetResponseStream();
var reader = new StreamReader(stream);
string text_read = reader.ReadToEnd();
Console.WriteLine(text_read);
DisplayHtml(text_read);
reader.Close();
stream.Close();
myWebResponse.Close();
谢谢
I have a website that uses Basic Authentication (username/password).
Why is the following code not working? When I run it the web application takes me to the login controller, whereas I'm expecting that it should already be authenticated given I'm populating the credentials. In other words I'm trying to confirm how, in .NET, I confirm my winforms HttpWebRequest so that it will automate the authentication process. I'm assumeing that NetworkCredential is the .net class that should do this? Or in .NET is there an expectation there is some manual two step process you have to implement yourself?
Here is the code:
// Create a new webrequest to the mentioned URL.
var uri = new Uri("http://10.1.1.102:3000/download/sunset");
var myWebRequest = (HttpWebRequest)WebRequest.Create(uri);
myWebRequest.PreAuthenticate=true;
var networkCredential=new NetworkCredential("test", "asdfasdf");
myWebRequest.Credentials=networkCredential;
var myWebResponse = (HttpWebResponse)myWebRequest.GetResponse();
Console.Out.WriteLine("STATUS = " + myWebResponse.StatusCode);
var stream = myWebResponse.GetResponseStream();
var reader = new StreamReader(stream);
string text_read = reader.ReadToEnd();
Console.WriteLine(text_read);
DisplayHtml(text_read);
reader.Close();
stream.Close();
myWebResponse.Close();
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
除非站点提出质疑,否则
WebRequest不会发送凭据。站点应首先响应 401“需要授权”,并带有WWW-Authenticate标头;WebRequest将使用凭据响应质询,并且服务应使用 200 Http 内容进行响应。听起来该网站没有正确实现基本身份验证(规范说它应该首先挑战,以通过该领域),这是一种非常常见的行为。您可以将基本身份验证手动添加到
WebRequest.Headers集合中,这也是大多数开发人员最终所做的事情。请参阅HttpWebRequest 未传递凭据
WebRequestdoes not send credentials unless challenged by the site. The site should first respond with 401 'Authorization Required' with anWWW-Authenticateheader; theWebRequestwill respond to the challenge with credentials, and the service should respond with the 200 Http content.Sounds like the site does not implement Basic auth properly (the spec says it should challenge first, to pass in the realm) which is a very common behavior. You can add the Basic authentication manually to the
WebRequest.Headerscollection, which is what most developers end doing anyway.See HttpWebRequest not passing Credentials
如果有人正在寻找服务器端修复,那么只需
在设置 StatusCode = 401 后添加
If someone is looking for the server side fix then just add
after you set the StatusCode = 401