重定向的基本身份验证 [英] Basic Authentication over redirection

问题描述

我有一个需要基本身份验证标头的网络服务。但是，当我使用

I have a webservice that needs a Basic Authentication header. However, when I call it using

   var header = "Authorization: Basic " + 
                CreateBasicHttpAuthenticationHeader(login, password);
   webRequest.Headers.Add(header);
   var webResponse = (HttpWebResponse)webRequest.GetResponse();

它返回303 - 见其他：

It returns a 303 - See Other:

POST https://myservice/rates HTTP/1.1
Authorization: Basic QXZ...NjY=
Content-Type: application/x-content
X-API-Version: 1.1
If-Unmodified-Since: Mon, 23 Sep 2013 08:32:27 GMT
User-Agent: UserAgent

回应：

HTTP/1.1 303 See Other
Date: Mon, 23 Sep 2013 08:30:57 GMT
X-Opaque-ID: q8nxxxxc
Location: https://myservice/rates 
Content-Length: 0

.Net然后自动向新位置发送GET请求：

.Net then automatically sends a GET request to the new location:

GET https://myservice/rates HTTP/1.1
Content-Type: application/x-content
X-API-Version: 1.1
If-Unmodified-Since: Mon, 23 Sep 2013 08:32:27 GMT
User-Agent: UserAgent

但这次不发送授权标题。你知道一种告诉它在所有电话上发送所有标题的方法吗？我应该告诉它不要关注内容吗？

But does not send the Authorization header this time. Do you know a way to tell it to send all headers, on all calls? Should I tell it not to follow the content?

推荐答案

你必须停用 AllowRedirect 你的HttpRequest的属性。

You have to deactivate the AllowRedirect property of your HttpRequest.

然后你必须使用基本的auth头构建你自己的重定向系统。

Then you have to build you own redirection system with basic auth headers.

这不是很好，但是.Net框架在重定向时会删除标题。

This is not wonderful, but otherwise the .Net framework drops your header when redirecting.

这篇关于重定向的基本身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！