使用摘要式身份验证和HTTPS进行C#HttpWebRequst登录时遇到问题。 我尝试使用两种方法:定期发送,获取401,然后自己计算摘要并重新发送。这使我在重新发送时受到限制。 我还尝试使用其内置机制。还超时。
在使用SslStream时,此功能有效。我想念什么?
创建初始Web请求:
HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create(fullUrl);
httpWebRequest.ServerCertificateValidationCallback = ( sender, certificate, chain, sslPolicyErrors) => true;
httpWebRequest.UserAgent = WebRequestConstants.DefaultUserAgent;
httpWebRequest.ContentType = contentType;
httpWebRequest.Timeout = (int)timeOut.TotalMilliseconds;
//NetworkCredential myNetworkCredential = new NetworkCredential(m_userName, m_password);
//CredentialCache myCredentialCache = new CredentialCache {{new Uri(fullUrl), "Digest", myNetworkCredential}};
//httpWebRequest.Credentials = myCredentialCache;
//httpWebRequest.PreAuthenticate = true;
if (m_requestHeaders != null)
{
foreach (var headerToAdd in m_requestHeaders)
{
httpWebRequest.Headers.Add(headerToAdd.Key, headerToAdd.Value);
}
}
if (string.IsNullOrEmpty(postData))
{
httpWebRequest.Method = WebRequestMethods.Http.Get;
}
else
{
SetPostData(postData, httpWebRequest);
}
重新发送我计算出的标头:
HttpWebResponse httpWebResponse = null;
try
{
httpWebResponse = (HttpWebResponse) httpWebRequest.GetResponse();
}
catch (WebException exception)
{
HttpWebResponse response = (HttpWebResponse)exception.Response;
if (response == null) throw;
if (response.StatusCode == HttpStatusCode.Unauthorized)
{
string authValue = response.Headers[WebRequestConstants.HTTP_AUTHENTICATION_HEADER_KEY];
if (!string.IsNullOrEmpty(authValue))
{
if (m_httpAuthenticationCache == null) m_httpAuthenticationCache = new HttpAuthenticationCache();
if (NetworkUtils.ParseDigestParameters(authValue, m_httpAuthenticationCache))
{
httpWebRequest = CreateBasicHttpWebRequest(fullURL, timeOut, contentType, postData);
AddDigestAuthenticationHeader(m_userName, m_password, m_httpAuthenticationCache.Nonce, m_httpAuthenticationCache.Realm);
httpWebRequest.Headers.Add(WebRequestConstants.HTTP_PROTOCOL_AUTHENTICATION_KEY, m_requestHeaders[WebRequestConstants.HTTP_PROTOCOL_AUTHENTICATION_KEY]);
httpWebResponse = (HttpWebResponse)httpWebRequest.GetResponse();
}
}
}
}
内置机制的使用:(在wireshark上与服务器没有连接)
httpWebRequest.KeepAlive = false;
NetworkCredential myNetworkCredential = new NetworkCredential(m_userName, m_password);
CredentialCache myCredentialCache = new CredentialCache { { new Uri(fullUrl), "Digest", myNetworkCredential } };
httpWebRequest.Credentials = myCredentialCache;
httpWebRequest.PreAuthenticate = true;
编辑: 由于我的系统设计,使用HttpClient对我没有用。我正在以不同的时间间隔将多个请求发送到具有不同终结点的同一服务器,并且无法重用httpclient。此外,系统太旧,无法等待异步。 我现在面临的问题是将相同的连接重用于httprequest。我需要在同一连接上发送auth标头。在wireshark上跟随TCP流显示我无法做到这一点。