/// <devdoc> /// <para>Pre-authenticates a request.</para> /// </devdoc> public static Authorization PreAuthenticate(WebRequest request, ICredentials credentials) { GlobalLog.Print("AuthenticationManager::PreAuthenticate() request:" + ValidationHelper.HashString(request) + " credentials:" + ValidationHelper.HashString(credentials)); if (request == null) { throw new ArgumentNullException("request"); } if (credentials == null) { return(null); } HttpWebRequest httpWebRequest = request as HttpWebRequest; IAuthenticationModule authenticationModule; if (httpWebRequest == null) { return(null); } // // PrefixLookup is thread-safe // string moduleName = s_ModuleBinding.Lookup(httpWebRequest.ChallengedUri.AbsoluteUri) as string; GlobalLog.Print("AuthenticationManager::PreAuthenticate() s_ModuleBinding.Lookup returns:" + ValidationHelper.ToString(moduleName)); if (moduleName == null) { return(null); } authenticationModule = findModule(moduleName); if (authenticationModule == null) { // The module could have been unregistered // No preauthentication is possible return(null); } // Otherwise invoke the PreAuthenticate method // we're guaranteed that CanPreAuthenticate is true because we check before calling BindModule() Authorization authorization = authenticationModule.PreAuthenticate(request, credentials); if (authorization != null && !authorization.Complete && httpWebRequest != null) { httpWebRequest.CurrentAuthenticationState.Module = authenticationModule; } GlobalLog.Print("AuthenticationManager::PreAuthenticate() IAuthenticationModule.PreAuthenticate() returned authorization:" + ValidationHelper.HashString(authorization)); return(authorization); }
/// <include file='doc\AuthenticationManager.uex' path='docs/doc[@for="AuthenticationManager.PreAuthenticate"]/*' /> /// <devdoc> /// <para>Pre-authenticates a request.</para> /// </devdoc> public static Authorization PreAuthenticate(WebRequest request, ICredentials credentials) { GlobalLog.Print("AuthenticationManager::PreAuthenticate() request:" + ValidationHelper.HashString(request) + " credentials:" + ValidationHelper.HashString(credentials)); if (request == null) { throw new ArgumentNullException("request"); } if (credentials == null) { return(null); } // // PrefixLookup is thread-safe // string moduleName = s_ModuleBinding.Lookup(((HttpWebRequest)request).ChallengedUri.AbsoluteUri) as string; GlobalLog.Print("AuthenticationManager::PreAuthenticate() s_ModuleBinding.Lookup returns:" + ValidationHelper.ToString(moduleName)); if (moduleName == null) { return(null); } IAuthenticationModule module = findModule(moduleName); if (module == null) { // The module could have been unregistered // No preauthentication is possible return(null); } else { // Otherwise invoke the PreAuthenticate method HttpWebRequest httpWebRequest = request as HttpWebRequest; if (httpWebRequest != null) { httpWebRequest.CurrentAuthenticationState.Module = module; } Authorization authorization = module.PreAuthenticate(request, credentials); GlobalLog.Print("AuthenticationManager::PreAuthenticate() IAuthenticationModule.PreAuthenticate() returned authorization:" + ValidationHelper.HashString(authorization)); return(authorization); } }
public static Authorization PreAuthenticate(WebRequest request, ICredentials credentials) { if (request == null) { throw new ArgumentNullException("request"); } if (credentials == null) { return(null); } HttpWebRequest request2 = request as HttpWebRequest; if (request2 == null) { return(null); } string authenticationType = s_ModuleBinding.Lookup(request2.ChallengedUri.AbsoluteUri) as string; if (authenticationType == null) { return(null); } IAuthenticationModule module = findModule(authenticationType); if (module == null) { return(null); } if (request2.ChallengedUri.Scheme == Uri.UriSchemeHttps) { ChannelBinding cachedChannelBinding = request2.ServicePoint.CachedChannelBinding as ChannelBinding; if (cachedChannelBinding != null) { request2.CurrentAuthenticationState.TransportContext = new CachedTransportContext(cachedChannelBinding); } } Authorization authorization = module.PreAuthenticate(request, credentials); if (((authorization != null) && !authorization.Complete) && (request2 != null)) { request2.CurrentAuthenticationState.Module = module; } return(authorization); }
public Authorization PreAuthenticate(WebRequest webRequest, ICredentials credentials) { GlobalLog.Print("DigestClient::PreAuthenticate()"); #if XP_WDIGEST if (ComNetOS.IsPostWin2K) { return(XPDigestClient.PreAuthenticate(webRequest, credentials)); } #endif // #if XP_WDIGEST GlobalLog.Assert(credentials != null, "DigestClient::PreAuthenticate() credentials==null", ""); if (credentials == null || credentials is SystemNetworkCredential) { return(null); } HttpWebRequest httpWebRequest = webRequest as HttpWebRequest; GlobalLog.Assert(httpWebRequest != null, "DigestClient::PreAuthenticate() httpWebRequest==null", ""); if (httpWebRequest == null) { return(null); } HttpDigestChallenge storedHDC = (HttpDigestChallenge)challengeCache.Lookup(httpWebRequest.ChallengedUri.AbsoluteUri); if (storedHDC == null) { return(null); } HttpDigestChallenge modifiedHDC = storedHDC.CopyAndIncrementNonce(); modifiedHDC.HostName = httpWebRequest.ChallengedUri.Host; modifiedHDC.Method = httpWebRequest.CurrentMethod; // Consider: // I have also tried PathAndQuery against both IIS 5.0 and IIS 6.0 servers. // it didn't make a difference. PathAndQuery is a more complete piece of information // investigate with Kevin Damour if WDigest.dll wants the quesry string or not. modifiedHDC.Uri = httpWebRequest.Address.AbsolutePath; modifiedHDC.ChallengedUri = httpWebRequest.ChallengedUri; Authorization digestResponse = HttpDigest.Authenticate(modifiedHDC, credentials); return(digestResponse); }
/// <devdoc> /// <para>Pre-authenticates a request.</para> /// </devdoc> public override Authorization PreAuthenticate(WebRequest request, ICredentials credentials) { GlobalLog.Print( "AuthenticationManager::PreAuthenticate() request:" + ValidationHelper.HashString(request) + " credentials:" + ValidationHelper.HashString(credentials)); if (request == null) { throw new ArgumentNullException("request"); } if (credentials == null) { return(null); } HttpWebRequest httpWebRequest = request as HttpWebRequest; IAuthenticationModule authenticationModule; if (httpWebRequest == null) { return(null); } // // PrefixLookup is thread-safe // string moduleName = moduleBinding.Lookup(httpWebRequest.ChallengedUri.AbsoluteUri) as string; GlobalLog.Print( "AuthenticationManager::PreAuthenticate() s_ModuleBinding.Lookup returns:" + ValidationHelper.ToString(moduleName)); if (moduleName == null) { return(null); } authenticationModule = findModule(moduleName); if (authenticationModule == null) { // The module could have been unregistered. No preauthentication is possible. return(null); } // Prepopulate the channel binding token so we can try preauth // (but only for modules that actually need it!). if (httpWebRequest.ChallengedUri.Scheme == Uri.UriSchemeHttps) { object binding = httpWebRequest.ServicePoint.CachedChannelBinding; #if DEBUG // The ModuleRequiresChannelBinding method is only compiled in DEBUG so the assert must be restricted // to DEBUG as well. // If the authentication module does CBT, we require that it also caches channel bindings. System.Diagnostics.Debug.Assert( !(binding == null && ModuleRequiresChannelBinding(authenticationModule))); #endif // can also be DBNull.Value, indicating "we previously succeeded without getting a CBT." // (ie, unpatched SSP talking to a partially-hardened server) ChannelBinding channelBinding = binding as ChannelBinding; if (channelBinding != null) { httpWebRequest.CurrentAuthenticationState.TransportContext = new CachedTransportContext(channelBinding); } } // Otherwise invoke the PreAuthenticate method. // We're guaranteed that CanPreAuthenticate is true because we check before calling BindModule(). Authorization authorization = authenticationModule.PreAuthenticate(request, credentials); if (authorization != null && !authorization.Complete && httpWebRequest != null) { httpWebRequest.CurrentAuthenticationState.Module = authenticationModule; } GlobalLog.Print( "AuthenticationManager::PreAuthenticate() " + "IAuthenticationModule.PreAuthenticate() returned authorization:" + ValidationHelper.HashString(authorization)); return(authorization); }
private Authorization DoAuthenticate(string challenge, WebRequest webRequest, ICredentials credentials, bool preAuthenticate) { HttpDigestChallenge challenge2; if (credentials == null) { return(null); } HttpWebRequest httpWebRequest = webRequest as HttpWebRequest; NetworkCredential credential = credentials.GetCredential(httpWebRequest.ChallengedUri, Signature); if (credential is SystemNetworkCredential) { if (WDigestAvailable) { return(this.XPDoAuthenticate(challenge, httpWebRequest, credentials, preAuthenticate)); } return(null); } if (!preAuthenticate) { int startingPoint = AuthenticationManager.FindSubstringNotInQuotes(challenge, Signature); if (startingPoint < 0) { return(null); } challenge2 = HttpDigest.Interpret(challenge, startingPoint, httpWebRequest); } else { challenge2 = challengeCache.Lookup(httpWebRequest.ChallengedUri.AbsoluteUri) as HttpDigestChallenge; } if (challenge2 == null) { return(null); } if (!CheckQOP(challenge2)) { if (Logging.On) { Logging.PrintError(Logging.Web, SR.GetString("net_log_digest_qop_not_supported", new object[] { challenge2.QualityOfProtection })); } return(null); } if (preAuthenticate) { challenge2 = challenge2.CopyAndIncrementNonce(); challenge2.SetFromRequest(httpWebRequest); } if (credential == null) { return(null); } ICredentialPolicy credentialPolicy = AuthenticationManager.CredentialPolicy; if ((credentialPolicy != null) && !credentialPolicy.ShouldSendCredential(httpWebRequest.ChallengedUri, httpWebRequest, credential, this)) { return(null); } string computeSpn = httpWebRequest.CurrentAuthenticationState.GetComputeSpn(httpWebRequest); ChannelBinding channelBinding = null; if (httpWebRequest.CurrentAuthenticationState.TransportContext != null) { channelBinding = httpWebRequest.CurrentAuthenticationState.TransportContext.GetChannelBinding(ChannelBindingKind.Endpoint); } Authorization authorization = HttpDigest.Authenticate(challenge2, credential, computeSpn, channelBinding); if ((!preAuthenticate && webRequest.PreAuthenticate) && (authorization != null)) { string[] strArray = (challenge2.Domain == null) ? new string[] { httpWebRequest.ChallengedUri.GetParts(UriComponents.SchemeAndServer, UriFormat.UriEscaped) } : challenge2.Domain.Split(singleSpaceArray); authorization.ProtectionRealm = (challenge2.Domain == null) ? null : strArray; for (int i = 0; i < strArray.Length; i++) { challengeCache.Add(strArray[i], challenge2); } } return(authorization); }