HttpWebRequest的身份验证通过重定向,持续凭据? [英] Authenticated HttpWebRequest with redirection, persisting credentials?
问题描述
我的ASP.NET 2.0应用到公司的内部网内的网站,该网站使用NTLM身份验证创建的HttpWebRequest 。传递的凭据是一个服务帐户,这是在成功域认证(安全日志证实了这一点)
My ASP.NET 2.0 app creates a HTTPWebRequest to a site within a company's intranet, which uses NTLM authentication. The credentials passed are for a service account, which is authenticated on the domain successfully (the security log confirms this)
有些简写code如下。
Some abbreviated code follows..
HttpWebRequest req = WebRequest.Create(queryUrl) as HttpWebRequest;
NetworkCredential cred = new NetworkCredential(username,
pwd, domain);
req.Credentials = cred;
HttpWebResponse response = req.GetResponse() as HttpWebResponse;
作为请求的一部分,有一对夫妇的重定向(在同一域内)的最终响应 - 这是处理我的OK开发机(Windows 2K的)上
As part of the request, there are a couple of redirections (within the same domain) to the final response - which is handled OK on my dev machine (Windows 2k)
当从我的部署环境(Windows 2K3)创造了这个要求,我从站点返回一个401未经授权错误,貌似第一个重定向$ C $返回c(301移动)之后,我的请求对象的企图按照重定向。
When this request is created from my deployment environment (Windows 2k3), I get a 401 Unauthorized error returned from the site, seemingly after the first redirect code is returned (301 Moved), and my request object attempts to follow the redirect.
所以基本上,没有人知道周围遵循重定向认证HttpWebRequests的任何问题?
So basically, does anyone know of any issues surrounding authenticated HttpWebRequests that follow redirections?
PS - 最明显的解决方法是只请求页面重定向到 - 但我负责Intranet站点的想通过重定向我通过一个特定的页面来监视我的应用程序的使用的管理员
PS - The obvious workaround is to simply request the page redirected to - but I the admins in charge of the intranet site want to monitor my app's usage by redirecting me through a specific page.
推荐答案
有关的HttpWebRequest 重用凭据跨越重定向你需要使用凭据缓存。
如果你只是分配一个 NetworkCredentials 对象只会在第一次请求使用。
For HttpWebRequest to reuse credentials across redirects you need to use a credential cache.
If you just assign a NetworkCredentials object it will only be used on the first request.
下面是一个例子:
HttpWebRequest req = WebRequest.Create(queryUrl) as HttpWebRequest;
NetworkCredential cred = new NetworkCredential(username, pwd, domain);
var cache = new CredentialCache {{queryUrl, "Ntlm", cred}};
req.Credentials = cache;
HttpWebResponse response = req.GetResponse() as HttpWebResponse;
这篇关于HttpWebRequest的身份验证通过重定向,持续凭据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
