HttpWebRequest和C#中的表单身份验证 [英] HttpWebRequest and forms authentication in C#

问题描述

我是一名系统人员，目前正在做兼职Web开发项目，所以对它来说还很新.我正在尝试为www.portapower.com编写一个http客户端.

I am a systems guy and currently doing a part time web development project so am pretty new to it. I am trying to write a http client for www.portapower.com.

它将对发布在网站上的某些项目，如果它们符合特定要求，则会打印一条消息.

It will for certain items which are posted on the website and if they match a particular requirement it will print a message.

在尝试访问此页面时:

> http://www .portapower.com/getbainfo.php?fclasscode = 1& code = CB1831B.40H& fbrand = QUNFUg ==

网站将我重定向到默认的注册页面:

The website redirects me to a default register page:

http://www.portapower.com/defaregit.php

这是我编写的代码的片段:

Here is a snippet of what I coded:

CookieContainer myContainer = new CookieContainer();

HttpWebRequest request = (HttpWebRequest)
WebRequest.Create("http://www.portapower.com/" + urlpart);
request.Credentials = new NetworkCredential("****", "******");
request.CookieContainer = myContainer;
request.PreAuthenticate = true;
request.Method = "POST";
HttpWebResponse response = (HttpWebResponse)
request.GetResponse();

Console.WriteLine(response.StatusCode);
Stream resStream = response.GetResponseStream();
Console.WriteLine(resStream.ToString());

我确实具有用户名和密码，并且在浏览器中使用时可以正常工作.请告诉我这是否是访问经过身份验证的页面的正确方法.

I do have the username and password and it works fine when used from a browser. Please tell me if this a correct way to access a authenticated page.

推荐答案

这取决于网站对用户进行身份验证的方式.如果他们使用的是基本身份验证或Windows身份验证，则可以设置 HttpWebRequest类到用户名/密码/域信息，它应该可以正常工作.

It depends on how the website is authenticating users. If they are using basic authentication or Windows authentication, then you can set the Credentials property of the HttpWebRequest class to the username/password/domain information and it should work.

但是，听起来您必须在站点上输入用户名/密码，这意味着您将必须首先登录该站点.查看主页，这是我在处理登录的<form>元素中找到的内容:

However, it sounds like you have to enter the username/password on the site, which means you are going to have to login to the site first. Looking at the main page, this is what I find in the <form> element that handles login:

<form name="formlogin" method="post" action="./defalogin.php" >
  <input name="emtext" type="text" id="emtext" size="12">
  <input name="pstext" type="password" id="pstext" size="12">
  <input type="submit" name="Submit" value="Logn in" 
    onClick="return logincheck()" >
</form>

我只包括了相关部分.

鉴于此，您必须先使用HttpWebRequest进入./defalogin.php页面，然后发布emtext和pstext值.另外，请确保设置 CookieContainer属性到 CookieContainer .当对POST的调用返回时，很有可能会填充一个Cookie，您必须将其发送回站点.只需将所有后续HttpWebRequest实例上的CookieContainer属性设置为该CookieContainer，以确保cookie能够传递.

Given this, you have to go to the ./defalogin.php page first with the HttpWebRequest and POST the emtext and pstext values. Also, make sure you set the CookieContainer property to an instance of CookieContainer. When that call to POST returns, it's more than likely going to be populated with a cookie which you will have to send back to the site. Just keep setting the CookieContainer property on any subsequent HttpWebRequest instances to that CookieContainer to make sure the cookies are passed around.

然后您将转到链接中指示的页面.

Then you would go to the page indicated in the link.

关注的也是logincheck javascript函数，但是从脚本源看，它没有任何注释.

Of concern is also the logincheck javascript function, but looking at the script sources, it does nothing of note.

这篇关于HttpWebRequest和C#中的表单身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！