嘗試使用自定義基本驗證模塊similar to this時出現問題。客戶端使用HttpWebRequest
類。通過SSL發送請求時無法發佈文件數據
客戶端運行下面的代碼:
void uploadFile(string serverUrl, string filePath)
{
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.
Create(serverUrl);
CredentialCache cache = new CredentialCache();
cache.Add(new Uri(serverUrl), "Basic", new NetworkCredential("User", "pass"));
request.Credentials = cache;
request.Method = "POST";
request.ContentType = "application/octet-stream";
request.Timeout = 60000;
request.KeepAlive = true;
using(BinaryReader reader = new BinaryReader(
File.OpenRead(filePath))) {
request.ContentLength = reader.BaseStream.Length;
using(Stream stream = request.GetRequestStream()) {
byte[] buffer = new byte[1024];
while(true) {
int bytesRead = reader.Read(buffer, 0, buffer.Length);
if(bytesRead == 0) {
break;
}
stream.Write(buffer, 0, bytesRead);
}
}
}
HttpWebResponse result = (HttpWebResponse)request.GetResponse();
//handle result - not relevant
}
如果一個URI開始http://
創建請求它工作正常 - 一個請求到達服務器,認證模塊傳遞請求,它回覆WWW-Authenticate
,請求重複現在與認證參數,模塊驗證它,並進一步傳遞。
如果爲從https://
開始的URI創建請求,則不起作用。初始請求獲取到模塊和模塊WWW-Authenticate
void ReplyWithAuthHeader()
{
HttpContext currentContext = HttpContext.Current;
context.Response.StatusCode = 401;
context.Response.AddHeader("WWW-Authenticate",
String.Format("Basic realm=\"{0}\"", "myname.mycompany.com"));
}
的一個例外是在客戶機拋出帶有「無法將數據寫入傳輸連接回復:一個已建立的連接在主機中的軟件放棄機。」文本。
我試圖System.Net tracing,發現在客戶端發送回來下面的頭在初始請求後:
Date: Fri, 04 Feb 2011 12:15:04 GMT
Server: Microsoft-IIS/5.1
X-Powered-By: ASP.NET
而當URI開始http://
客戶端收到以下內容:
Content-Length: 1894
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Feb 2011 12:12:11 GMT
Server: Microsoft-IIS/5.1
WWW-Authenticate: Basic realm="myname.mycompany.com"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
所以很明顯,WWW-Authenticate
響應會被吞噬,並且不會到達客戶端。
此外,如果我排除將文件數據寫入請求的代碼,它也可以進行身份驗證。
我該如何解決這個問題?我如何使WWW-Authenticate
響應得到客戶端?