通过HttpWebRequest的C＃实现摘要式身份验证 [英] Implement Digest authentication via HttpWebRequest in C#

问题描述

有谁知道如何筛选使用HTTP Digest认证的刮web站点？
我用code是这样的：

Does anyone know how to screen scrape web-sites that use digest http authentication? I use code like this:

var request = (HttpWebRequest)WebRequest.Create(SiteUrl);
request.Credentials=new NetworkCredential(Login, Password)

我能够访问该网站的炫魅，但是当我尝试浏览到任何其他网页（使用相同的凭据的另一个请求）我得到HTTP / 1.1 400错误的请求的错误。

I'm able to access the site's mainpage, but when I try to surf to any other pages (using another request with the same credentials) I get "HTTP/1.1 400 Bad Request" error.

我用菲德勒比较与Mozilla Firefox浏览器请求我的C＃应用​​程序的请求。

I used Fiddler to compare requests of my C# application with Mozilla Firefox requests.

2的网址，我尝试访问如下：
HTTPS：//mysiteurl/forum/index.php
？HTTPS：//mysiteurl/forum/viewforum.php F = 4和SID = d104363e563968b4e4c07e04f4a15203

2 URLs that I try to access are: https://mysiteurl/forum/index.php https://mysiteurl/forum/viewforum.php?f=4&sid=d104363e563968b4e4c07e04f4a15203

下面是我的C＃应用​​程序的2请求（）：

Here are 2 requests () of my C# app:

Authorization: Digest username="xxx",realm="abc",nonce="NXa26+NjBAA=747dfd1776c9d585bd388377ef3160f1ff265429",uri="/forum/index.php",algorithm="MD5",cnonce="89179bf17dd27785aa1c88ad976817c9",nc=00000001,qop="auth",response="3088821620d9cbbf71e775fddbacfb6d"

Authorization: Digest username="xxx",realm="abc",nonce="1h7T6+NjBAA=4fed4d804d0edcb54bf4c2f912246330d96afa76",uri="/forum/viewforum.php",algorithm="MD5",cnonce="bb990b0516a371549401c0289fbacc7c",nc=00000001,qop="auth",response="1ddb95a45fd7ea8dbefd37a2db705e3a"

而这正是火狐发送到服务器：

And that's what Firefox sending to the server:

Authorization: Digest username="xxx", realm="abc", nonce="T9ICNeRjBAA=4fbb28d42db044e182116ac27176e81d067a313c", uri="/forum/", algorithm=MD5, response="33f29dcc5d70b61be18eaddfca9bd601", qop=auth, nc=00000001, cnonce="ab96bbe39d8d776d"
Authorization: Digest username="xxx", realm="abc", nonce="T9ICNeRjBAA=4fbb28d42db044e182116ac27176e81d067a313c", uri="/forum/viewforum.php?f=4&sid=d104363e563968b4e4c07e04f4a15203", algorithm=MD5, response="a996dae9368a79d49f2f29ea7a327cd5", qop=auth, nc=00000002, cnonce="e233ae90908860e1"

因此​​，在我的应用我有现时字段不同的值，而在Firefox这个领域是一样的。在另一方面我在数控字段值相同而Firefox增加此字段。

So in my app I have different values in "nonce" field while in Firefox this field is the same. On the other hand I have same values in "nc" field while Firefox increments this field.

此外，当我的应用程序试图访问提琴手网站页面，我可以看到，它始终得到回应HTTP / 1.1 401需要授权，而Firefox授权只有一次。我试着设置要求preAuthenticate = TRUE。但它似乎没有任何效果...

Also when my app tries to access site pages in Fiddler i can see that it always gets response "HTTP/1.1 401 Authorization Required", while Firefox authorizes only once. I've tried to set request.PreAuthenticate = true; but it seems to have no effect...

我的问题是：如何正确实现使用C＃摘要式身份验证？是否有任何标准的方法还是我必须从头开始呢？先谢谢了。

My question is: how to properly implement digest authentication using C#? Are there any standard methods or do I have to do it from scratch? Thanks in advance.

推荐答案

这似乎从4GuysFromRolla文章是你在找什么：

This article from 4GuysFromRolla appears to be what you are looking for:

http://www.4guysfromrolla.com/articles/102605-1.aspx

这篇关于通过HttpWebRequest的C＃实现摘要式身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！