开发者

the authType parameter in CredentialCache.Add Method

开发者 https://www.devze.com 2023-01-06 02:24 出处:网络
what is the authType in CredentialCache.Add Method ? http://msdn.microsoft.com/en-us/library/czd开发者_高级运维w7s9e.aspx

what is the authType in CredentialCache.Add Method ? http://msdn.microsoft.com/en-us/library/czd开发者_高级运维w7s9e.aspx I do not understand what should I pass to it based on the uRi that I am passing to this Add method. and my uRi is actually an asmx page address


There are two main HTTP authentication schemes:

  • BASIC: user name and password are added in clear to the HTTP request headers
  • DIGEST: the server chalenges the client with a nonce and the client responds with a hash (digest) of the nonce and the password, which the server can verify

The authType parameters is the HTTP authentication scheme for which the credentials are added to the cache. When making a request, the server will first respond with a 403 and specify an authentication schem supported, along with the realm and the nonce (if required). The request will then use the credentials cache to respond to the chalenge, if the requested authentication type is in the cache (basic or digest). Subsequent calls after the first call may pre-send the authentication info, if PreAuthenticate is set.


I looked at the other Overload of the CredentialCache.Add() Method:

CredentialCache.Add(String host, Int32 port, String authenticationType, NetworkCredential credential)

The definition may be found here: https://msdn.microsoft.com/en-us/library/59x2s2s6(v=vs.110).aspx
Here they call the string "authenticationType" (instead of "authType") and states:

The supported values for authType are "NTLM", "Digest", "Kerberos", and "Negotiate".

I find this confusing because "authType " and "authenticationType" appear to be used interchangeably.

It worked for my URL when I used "NTLM" and "Negotiate" for "authType" in the Method Overload you reference in your Question:

CredentialCache.Add(Uri uriPrefix, String authType, NetworkCredential cred)


The authType seems to refer to how the credential(username and password) you provide is sent with a http web request. Basic roughly means unencrypted, and digest means that you send a hash along with the request to authenticate it. Note that this authentication type is decided by the server adn you dont have a choice as to which one to follow.
See Basic Authentication and Digest Authentication

0

精彩评论

暂无评论...
验证码 换一张
取 消