此处描述的WinHTTP认证:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa383144(v=vs.85).aspx
"Transfer-Encoding: Chunked\r\n"时不使用WinHttpSendRequest()标头,则有效。
如果我这样做,我将无法登录,因为WinHttpReceiveResponse()在使用WinHttpSetCredentials()设置凭据并再次使用WinHttpSendRequest()重新发送请求后失败。由于我真的需要分块传输,是否可以将它与windows身份验证结合使用?
以下是使用分块编码时审核失败的日志:
SubjectUserSid S-1-5-18
SubjectUserName MY-PC-NAME$
SubjectDomainName WORKGROUP
SubjectLogonId 0x3e7
TargetUserSid S-1-0-0
TargetUserName Administrator
TargetDomainName MY-PC-NAME
Status 0xc000006d
FailureReason %%2313
SubStatus 0xc000006a
LogonType 2
LogonProcessName User32
AuthenticationPackageName Negotiate
WorkstationName MY-PC-NAME
TransmittedServices -
LmPackageName -
KeyLength 0
ProcessId 0x1d8
ProcessName C:\Windows\System32\winlogon.exe
IpAddress 127.0.0.1
IpPort 0
而且,这是没有分块编码的成功审计:
SubjectUserSid S-1-0-0
SubjectUserName -
SubjectDomainName -
SubjectLogonId 0x0
TargetUserSid S-1-5-21-4112068699-3954607238-3758397191-1005
TargetUserName moose
TargetDomainName MY-PC-NAME
TargetLogonId 0x137576fb8
LogonType 3
LogonProcessName NtLmSsp
AuthenticationPackageName NTLM
WorkstationName M_10
LogonGuid {00000000-0000-0000-0000-000000000000}
TransmittedServices -
LmPackageName NTLM V2
KeyLength 128
ProcessId 0x0
ProcessName -
IpAddress 167.109.28.37
IpPort 56695
正如您所看到的,有很多不同的东西:域名,用户名,IP,端口,登录类型,TargetUserSid等等......
所有这些都归功于"Transfer-Encoding: Chunked\r\n"!
修改
为简单起见,问题是:
success = WinHttpSetCredentials( hPostRequest, target, authScheme, IIS_USER_NAME, IIS_PWD, NULL );
success = WinHttpSendRequest( hPostRequest,
L"Transfer-Encoding: Chunked\r\n",
(DWORD)-1,
WINHTTP_NO_REQUEST_DATA,
0,
WINHTTP_IGNORE_REQUEST_TOTAL_LENGTH,
0 );
成功返回值后,接下来要调用哪个WinHttp API?