在 C# 中建立 ssl 连接时如何检查无效凭据

发布于 2024-12-25 06:33:34 字数 959 浏览 1 评论 0原文

我有这个方法，它尝试捕获通过 SSL 连接时提供无效凭据时可能引发的异常。凭据通过 SNMP 提供。但我并不总是能够将异常解释为无效凭据，正如您所看到的，我只是尝试读取抛出的异常消息，该消息因设备而异。

我做的事正确吗？是否有任何万无一失的方法来检查连接所需的凭据是否有效？由于抛出的异常消息因设备而异，我完全迷失了。

感谢您的指点。

try
{
    string ipSSL = string.Format(URL_CWIS_HELPSTRING, "s", SecurityBindingProxy.Destination.Address.Value.Host, "/");
    System.Net.WebRequest https = System.Net.HttpWebRequest.Create(ipSSL);
    System.Net.ServicePointManager.ServerCertificateValidationCallback = WsdlClient.ServiceRequirements.WsdlServiceRequirements.SSLCheckCallback;
    https.Credentials = new System.Net.NetworkCredential(SNMP.ConnectionInfo.Instance.Username, SNMP.ConnectionInfo.Instance.Password); ;
    System.Net.HttpWebResponse responseSSL = (System.Net.HttpWebResponse)https.GetResponse();
    responseSSL.Close();
}
catch (Exception ex)
{
    if (ex.Message.Contains("Unauthorized")
        || ex.Message.Contains("401"))
    {
        return -2;
    }
}

原文

I have this method which tries to catch an exception that might be thrown when supplied with invalid credentials when connecting through SSL. The credentials are supplied through SNMP. But I am not always able to interpret the exception as invalid credentials, as you can see I am only trying to read the message of exception thrown which differs from a device to device.

Is what am I doing correct? Are there any foolproof ways to check if the credentials needed to make the connection is valid? I am totally lost here as the exception message thrown changes from device to device.

Thanks for any pointers.

try
{
    string ipSSL = string.Format(URL_CWIS_HELPSTRING, "s", SecurityBindingProxy.Destination.Address.Value.Host, "/");
    System.Net.WebRequest https = System.Net.HttpWebRequest.Create(ipSSL);
    System.Net.ServicePointManager.ServerCertificateValidationCallback = WsdlClient.ServiceRequirements.WsdlServiceRequirements.SSLCheckCallback;
    https.Credentials = new System.Net.NetworkCredential(SNMP.ConnectionInfo.Instance.Username, SNMP.ConnectionInfo.Instance.Password); ;
    System.Net.HttpWebResponse responseSSL = (System.Net.HttpWebResponse)https.GetResponse();
    responseSSL.Close();
}
catch (Exception ex)
{
    if (ex.Message.Contains("Unauthorized")
        || ex.Message.Contains("401"))
    {
        return -2;
    }
}

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

浮光之海 2025-01-01 06:33:34

您希望捕获更具体类型的异常，而不是解析异常消息。如果您查看 GetResponse 的文档，您会发现将看到记录的抛出异常的类型。如果您捕获 WebException 那么这将允许您找出 HTTP 状态，而无需手动解析字符串，例如：

catch (System.Net.WebException ex)
{
    var errorResponse = (System.Net.HttpWebResponse)ex.Response;
    if (errorResponse.StatusCode == System.Net.HttpStatusCode.Unauthorized)
    {
        //...
    }
}

You want to be catching a more specific type of exception rather than parsing exception messages. If you look at the docs for GetResponse you'll see documented the types of exceptions thrown. If you catch a WebException then this will allow you to find out the HTTP status without parsing strings manually e.g.:

catch (System.Net.WebException ex)
{
    var errorResponse = (System.Net.HttpWebResponse)ex.Response;
    if (errorResponse.StatusCode == System.Net.HttpStatusCode.Unauthorized)
    {
        //...
    }
}

回复收藏 0 原文

~没有更多了~