HttpWebResponse - 如何设置 NTLM 身份验证标头
我必须通过单个服务器(受防火墙保护)访问外部服务(Web 应用程序),因此我必须通过小型 C# 服务应用程序中继/隧道 HTTP 请求。
我编写了一个 HttpListener,等待请求,调用外部 Web 服务器,获取他的响应并将其写入客户端。应用程序的这一部分工作顺利。
出于审核目的,我在侦听器上打开了 NTLM 身份验证,以便我可以记录哪些用户访问了此服务。到目前为止,一切都很好。
listener.AuthenticationSchemes = AuthenticationSchemes.Ntlm;
身份验证工作正常,客户端自动获取带有 WWW-“Authenticate: NTLM”标头的 HTTP 401 响应,客户端使用 NTLM-Authorization 标头重新发出请求,服务器响应质询,客户端响应质询 -- >客户端已通过身份验证,我可以访问 HttpListenerContext 中的 Identity 属性。
但我认为,当我将回复写回给客户时,我犯了一个错误。当同一个客户端发出另一个请求时,他必须从头开始执行整个身份验证过程。
response.StatusCode = (Int32)((HttpWebResponse)remoteResponse).StatusCode;
foreach (var h in remoteResponse.Headers.AllKeys) {
if (!(new string[] { "Content-Type", "Content-Length" }).Contains(h)) {
response.AddHeader(h, response.Headers[h]);
}
}
// Am I missing a Header here???
response.ContentType = remoteResponse.ContentType;
using (Stream input = remoteResponse.GetResponseStream()) {
using (Stream output = response.OutputStream) {
input.CopyTo(output);
}
}
在观看与我认识的 IIS 网站的通信后,IIS 使用“WWW.Authenticate”标头 + 值响应正常请求。我从哪里得到这个值?感谢您的帮助,或任何寻找更多信息的提示。
I have to access an external Service (Web Application) through a single server (protected with a firewall), so I have to relay / tunnel the HTTP-Requests via a small C# Service Application.
I've written an HttpListener, waiting for requests, calling the external Web-Server, get his response and writing it to the client. This part of the application works smooth.
For auditing purposes I turned on NTLM Authentication on the Listener, so that I can log, which users accessed this service. So far so good.
listener.AuthenticationSchemes = AuthenticationSchemes.Ntlm;
The authentication works, the client gets automatically an HTTP 401 response with the WWW-"Authenticate: NTLM" Header, the client reissues the request with the NTLM-Authorization header, the server respondes with a challenge, the client respondes to the challenge --> the client is authenticated, I am able to access the Identity property in the HttpListenerContext.
But I think, I make a mistake, when I am writing the response back to the client. When the same client does another request, he has to do the whole authentication-procedure from the beginning.
response.StatusCode = (Int32)((HttpWebResponse)remoteResponse).StatusCode;
foreach (var h in remoteResponse.Headers.AllKeys) {
if (!(new string[] { "Content-Type", "Content-Length" }).Contains(h)) {
response.AddHeader(h, response.Headers[h]);
}
}
// Am I missing a Header here???
response.ContentType = remoteResponse.ContentType;
using (Stream input = remoteResponse.GetResponseStream()) {
using (Stream output = response.OutputStream) {
input.CopyTo(output);
}
}
After watching the communication with a IIS-Website I recognized, that IIS respondes the normal request with an "WWW.Authenticate" Header + Value. Where do I get this value? Thanks you for your help, or for any hint where to look for more information.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论