6 replies to this topic

[Yonatan]

Hi guys, first question here.

I need to use in one of my assignments in the c# AuthenticationSchemes.

Since I didnt found the msdn article very helpful I've got a couple of questions.

1. A bit more detailed overview on what are the different schemes? (Anonymous, None, Basic)
2. How can I get the username and password that the user entered on the Basic one.

[kernelcoder]

1. Please read about them at MSDN here.

2. I have managed the following sample application. Run the sample console application and put "http://localhost:8080/index" in your browser.

class Program
{
    public static void SimpleListenerWithBasicAuthentication(string[] prefixes)
    {
        if (!HttpListener.IsSupported)
        {
            Console.WriteLine("Windows XP SP2 or Server 2003 is required to use the HttpListener class.");
            return;
        }
        if (prefixes == null || prefixes.Length == 0)
            throw new ArgumentException("prefixes");
        // Set up a listener.
        HttpListener listener = new HttpListener();
        foreach (string s in prefixes) {
            listener.Prefixes.Add(s);
        }
        listener.Start();
        // Specify Basic as the authentication scheme. This is what you need mainly to set
        listener.AuthenticationSchemes = AuthenticationSchemes.Basic;
        Console.WriteLine("Listening...");
        HttpListenerContext context = listener.GetContext();

        HttpListenerBasicIdentity identity = (HttpListenerBasicIdentity)context.User.Identity;
        if (null != identity)
        {
            // Here is your Username and Password you gave in your browser for url http://localhost:8080/index/"
            Console.WriteLine(identity.Name);
            Console.WriteLine(identity.Password);
        }

        HttpListenerRequest request = context.Request;
        HttpListenerResponse response = context.Response;
        // Construct a response.
        string responseString = "<HTML><BODY> Hello world!</BODY></HTML>";
        byte[] buffer = System.Text.Encoding.UTF8.GetBytes(responseString);
        // Get a response stream and write the response to it.
        response.ContentLength64 = buffer.Length;
        System.IO.Stream output = response.OutputStream;
        output.Write(buffer, 0, buffer.Length);
        // You must close the output stream.
        output.Close();
        listener.Stop();
        listener.Close();
    }

    static void Main(string[] args)
    {
        SimpleListenerWithBasicAuthentication(new String[] { "http://localhost:8080/index/" });
    }
}

[Yonatan]

Thanks a lot kernelcoder, just some follow-up questions.

1. Anonymous = transparent authentication or not authentication at all?
Basic = Login window (username, pw)
None = 403 for every request.
Did I got that right?

2. Why do we need the cast to the basic Identity? why wasnt it like that at first?

3. What does the Listener.User object exactly represents? f.e if I use it in a proxy server will the listener user be changed for every user or do I need to make a listener thread for every user?

Thanks a lot!

[kernelcoder]

1. Yes, you got right.

2. Because the contenxt.User.Identity is of type base interface IIdentity. So we need to cast it to HttpListenerBasicIdentity. Note that if we set the AuthenticationScheme to IntegratedWindowsAuthentication, we need to cast the context.User.Indentity to System.Security.Principal.WindowsIdentity. There are same alike too. So here is the point -- do you think is it possible to have multiple type for contenxt.User.Identity? No, Impossible. That's why the base interface for all identity.

3. HttpListener.User contains all the security information about a Http request. Please read more here. No, the listener will be same for all users. Note, you are getting the user from context.User, from not the listener itself. And the context object will be created for every request.

Edited by kernelcoder, 19 June 2012 - 04:51 PM.

[Yonatan]

Alright I think I pretty much got it.

Just one last question:

What is the: AuthenticationSchemeSelectorDelegate?

[kernelcoder]

In the post#2 in this thread, I set the AuthenticationSchemes property of HttpListener object before the listener.GetContext() call. This is fixed setting of AuthenticationSchemes for all request to this listener. Now what if you want to set different authentication scheme depending on the condition of the request? What if you want to show all the AuthenticationSchemes you want to support on your site to the user and get an input from the list from him and use it? Here is the AuthenticationSchemeSelectorDelegate property of HttpListener comes in play. As example, suppose we want to set AuthenticationSchemes to IntegratedWindowsAuthentication for the local machine requests and want to set AuthenticationSchemes to Basic for all other requests. And here is the changed code.

class Program

{
        static AuthenticationSchemes AuthenticationSchemeForClient(HttpListenerRequest request)
        {
                Console.WriteLine("Client authentication protocol selection in progress...");
                // Do not authenticate local machine requests.
                if (request.RemoteEndPoint.Address.Equals(IPAddress.Loopback)) {
                        return AuthenticationSchemes.IntegratedWindowsAuthentication;
                }
                else {
                        return AuthenticationSchemes.Basic;
                }
        }

        public static void SimpleListenerWithBasicAuthentication(string[] prefixes)
        {
                if (!HttpListener.IsSupported)
                {
                        Console.WriteLine("Windows XP SP2 or Server 2003 is required to use the HttpListener class.");
                        return;
                }
                if (prefixes == null || prefixes.Length == 0)
                        throw new ArgumentException("prefixes");
                // Set up a listener.
                HttpListener listener = new HttpListener();
                foreach (string s in prefixes) {
                        listener.Prefixes.Add(s);
                }
                //listener.AuthenticationSchemes = AuthenticationSchemes.Basic;
listener.AuthenticationSchemeSelectorDelegate = new AuthenticationSchemeSelector(AuthenticationSchemeForClient);
                listener.Start();
                Console.WriteLine("Listening...");
                HttpListenerContext context = listener.GetContext();
                HttpListenerRequest request = context.Request;
                HttpListenerResponse response = context.Response;
                // Construct a response.
                string responseString = "<HTML><BODY> Hello world!</BODY></HTML>";
                byte[] buffer = System.Text.Encoding.UTF8.GetBytes(responseString);
                // Get a response stream and write the response to it.
                response.ContentLength64 = buffer.Length;
                System.IO.Stream output = response.OutputStream;
                output.Write(buffer, 0, buffer.Length);
                // You must close the output stream.
                output.Close();
                listener.Stop();
                listener.Close();
        }

        static void Main(string[] args)
        {
                SimpleListenerWithBasicAuthentication(new String[] { "http://localhost:8080/index/" });
        }
}

[Yonatan]

Thanks a lot kernelcoder, I got some idea about those AuthenticationSchemes and the delegate option.

Like!