Register and join over 40,000 other developers!
Recent Topics
-
Print specific values from dictionary with a specific key name
Siten0308 - Jun 20 2019 01:43 PM
-
Learn algorithms and programming concepts
johnnylo - Apr 23 2019 07:49 AM
-
Job Gig PHP Form Needed
PJohnson - Apr 18 2019 03:55 AM
-
How to make code run differently depending on the platform it is running on?
xarzu - Apr 05 2019 09:17 AM
-
How do I set a breakpoint in an attached process in visual studio
xarzu - Apr 04 2019 11:47 AM
Recent Blog Entries
Recent Status Updates
Popular Tags
- networking
- Managed C++
- stream
- console
- database
- authentication
- Visual Basic 4 / 5 / 6
- session
- Connection
- asp.net
- import
- syntax
- hardware
- html5
- array
- mysql
- java
- php
- c++
- string
- C#
- html
- loop
- timer
- jquery
- ajax
- javascript
- programming
- android
- css
- assembly
- c
- form
- vb.net
- xml
- linked list
- login
- encryption
- pseudocode
- calculator
- sql
- python
- setup
- help
- game
- combobox
- binary
- hello world
- grid
- innerHTML

[SOLVED] Authentication Schemes
Started by Yonatan, Jun 19 2012 01:26 PM
Authentication Authentication Schemes authentication
6 replies to this topic
#1
Posted 19 June 2012 - 01:26 PM
Hi guys, first question here.
I need to use in one of my assignments in the c# AuthenticationSchemes.
Since I didnt found the msdn article very helpful I've got a couple of questions.
1. A bit more detailed overview on what are the different schemes? (Anonymous, None, Basic)
2. How can I get the username and password that the user entered on the Basic one.
I need to use in one of my assignments in the c# AuthenticationSchemes.
Since I didnt found the msdn article very helpful I've got a couple of questions.
1. A bit more detailed overview on what are the different schemes? (Anonymous, None, Basic)
2. How can I get the username and password that the user entered on the Basic one.
#2
Posted 19 June 2012 - 04:02 PM
1. Please read about them at MSDN here.
2. I have managed the following sample application. Run the sample console application and put "http://localhost:8080/index" in your browser.
2. I have managed the following sample application. Run the sample console application and put "http://localhost:8080/index" in your browser.
class Program { public static void SimpleListenerWithBasicAuthentication(string[] prefixes) { if (!HttpListener.IsSupported) { Console.WriteLine("Windows XP SP2 or Server 2003 is required to use the HttpListener class."); return; } if (prefixes == null || prefixes.Length == 0) throw new ArgumentException("prefixes"); // Set up a listener. HttpListener listener = new HttpListener(); foreach (string s in prefixes) { listener.Prefixes.Add(s); } listener.Start(); // Specify Basic as the authentication scheme. This is what you need mainly to set listener.AuthenticationSchemes = AuthenticationSchemes.Basic; Console.WriteLine("Listening..."); HttpListenerContext context = listener.GetContext(); HttpListenerBasicIdentity identity = (HttpListenerBasicIdentity)context.User.Identity; if (null != identity) { // Here is your Username and Password you gave in your browser for url http://localhost:8080/index/" Console.WriteLine(identity.Name); Console.WriteLine(identity.Password); } HttpListenerRequest request = context.Request; HttpListenerResponse response = context.Response; // Construct a response. string responseString = "<HTML><BODY> Hello world!</BODY></HTML>"; byte[] buffer = System.Text.Encoding.UTF8.GetBytes(responseString); // Get a response stream and write the response to it. response.ContentLength64 = buffer.Length; System.IO.Stream output = response.OutputStream; output.Write(buffer, 0, buffer.Length); // You must close the output stream. output.Close(); listener.Stop(); listener.Close(); } static void Main(string[] args) { SimpleListenerWithBasicAuthentication(new String[] { "http://localhost:8080/index/" }); } }
#3
Posted 19 June 2012 - 04:08 PM
Thanks a lot kernelcoder, just some follow-up questions.
1. Anonymous = transparent authentication or not authentication at all?
Basic = Login window (username, pw)
None = 403 for every request.
Did I got that right?
2. Why do we need the cast to the basic Identity? why wasnt it like that at first?
3. What does the Listener.User object exactly represents? f.e if I use it in a proxy server will the listener user be changed for every user or do I need to make a listener thread for every user?
Thanks a lot!
1. Anonymous = transparent authentication or not authentication at all?
Basic = Login window (username, pw)
None = 403 for every request.
Did I got that right?
2. Why do we need the cast to the basic Identity? why wasnt it like that at first?
3. What does the Listener.User object exactly represents? f.e if I use it in a proxy server will the listener user be changed for every user or do I need to make a listener thread for every user?
Thanks a lot!
#4
Posted 19 June 2012 - 04:34 PM
1. Yes, you got right.
2. Because the contenxt.User.Identity is of type base interface IIdentity. So we need to cast it to HttpListenerBasicIdentity. Note that if we set the AuthenticationScheme to IntegratedWindowsAuthentication, we need to cast the context.User.Indentity to System.Security.Principal.WindowsIdentity. There are same alike too. So here is the point -- do you think is it possible to have multiple type for contenxt.User.Identity? No, Impossible. That's why the base interface for all identity.
3. HttpListener.User contains all the security information about a Http request. Please read more here. No, the listener will be same for all users. Note, you are getting the user from context.User, from not the listener itself. And the context object will be created for every request.
2. Because the contenxt.User.Identity is of type base interface IIdentity. So we need to cast it to HttpListenerBasicIdentity. Note that if we set the AuthenticationScheme to IntegratedWindowsAuthentication, we need to cast the context.User.Indentity to System.Security.Principal.WindowsIdentity. There are same alike too. So here is the point -- do you think is it possible to have multiple type for contenxt.User.Identity? No, Impossible. That's why the base interface for all identity.
3. HttpListener.User contains all the security information about a Http request. Please read more here. No, the listener will be same for all users. Note, you are getting the user from context.User, from not the listener itself. And the context object will be created for every request.
Edited by kernelcoder, 19 June 2012 - 04:51 PM.
#5
Posted 20 June 2012 - 01:15 AM
Alright I think I pretty much got it.
Just one last question:
What is the: AuthenticationSchemeSelectorDelegate?
Just one last question:
What is the: AuthenticationSchemeSelectorDelegate?
#6
Posted 20 June 2012 - 03:01 AM
In the post#2 in this thread, I set the AuthenticationSchemes property of HttpListener object before the listener.GetContext() call. This is fixed setting of AuthenticationSchemes for all request to this listener. Now what if you want to set different authentication scheme depending on the condition of the request? What if you want to show all the AuthenticationSchemes you want to support on your site to the user and get an input from the list from him and use it? Here is the AuthenticationSchemeSelectorDelegate property of HttpListener comes in play. As example, suppose we want to set AuthenticationSchemes to IntegratedWindowsAuthentication for the local machine requests and want to set AuthenticationSchemes to Basic for all other requests. And here is the changed code.
class Program { static AuthenticationSchemes AuthenticationSchemeForClient(HttpListenerRequest request) { Console.WriteLine("Client authentication protocol selection in progress..."); // Do not authenticate local machine requests. if (request.RemoteEndPoint.Address.Equals(IPAddress.Loopback)) { return AuthenticationSchemes.IntegratedWindowsAuthentication; } else { return AuthenticationSchemes.Basic; } } public static void SimpleListenerWithBasicAuthentication(string[] prefixes) { if (!HttpListener.IsSupported) { Console.WriteLine("Windows XP SP2 or Server 2003 is required to use the HttpListener class."); return; } if (prefixes == null || prefixes.Length == 0) throw new ArgumentException("prefixes"); // Set up a listener. HttpListener listener = new HttpListener(); foreach (string s in prefixes) { listener.Prefixes.Add(s); } //listener.AuthenticationSchemes = AuthenticationSchemes.Basic; listener.AuthenticationSchemeSelectorDelegate = new AuthenticationSchemeSelector(AuthenticationSchemeForClient); listener.Start(); Console.WriteLine("Listening..."); HttpListenerContext context = listener.GetContext(); HttpListenerRequest request = context.Request; HttpListenerResponse response = context.Response; // Construct a response. string responseString = "<HTML><BODY> Hello world!</BODY></HTML>"; byte[] buffer = System.Text.Encoding.UTF8.GetBytes(responseString); // Get a response stream and write the response to it. response.ContentLength64 = buffer.Length; System.IO.Stream output = response.OutputStream; output.Write(buffer, 0, buffer.Length); // You must close the output stream. output.Close(); listener.Stop(); listener.Close(); } static void Main(string[] args) { SimpleListenerWithBasicAuthentication(new String[] { "http://localhost:8080/index/" }); } }
#7
Posted 20 June 2012 - 02:16 PM
Thanks a lot kernelcoder, I got some idea about those AuthenticationSchemes and the delegate option.
Like!
Like!
Also tagged with one or more of these keywords: Authentication, Authentication Schemes, authentication
![]() User roles in ASP.NET MVC 5Started by jasonalien, 19 Jan 2015 ![]() |
|
![]() |
||
General Forums →
General Programming →
Providing web resources only to authenticated usersStarted by Kaishain, 01 Feb 2014 ![]() |
|
![]() |
||
![]() Quick question: User roles for asp.net websitesStarted by PuddingEatsPanda, 25 Nov 2013 ![]() |
|
![]() |
||
Language Forums →
PHP →
Extending a User Management ModuleStarted by rhossis, 19 Jul 2013 ![]() |
|
![]() |
||
General Forums →
General Programming →
USB EncryptionStarted by Alcamech, 12 Jul 2013 ![]() |
|
![]() |
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download