AuthenticationManagerとは？ わかりやすく解説

.NET Framework クラス ライブラリ リファレンス

AuthenticationManager クラス

クライアント認証プロセス中に呼び出される認証モジュールを管理します。

名前空間: System.Net
アセンブリ: System (system.dll 内)
構文

Visual Basic (宣言)

Public Class AuthenticationManager

Visual Basic (使用法)

Dim instance As AuthenticationManager

C#

public class AuthenticationManager

C++

public ref class AuthenticationManager

J#

public class AuthenticationManager

JScript

public class AuthenticationManager

解説

AuthenticationManager は、アプリケーションが使用する認証モジュールを管理する静的クラスです。保護されたリソースに対して要求を行った場合、AuthenticationManager は Authenticate メソッドを呼び出して、次の要求で使用する Authorization インスタンスを取得します。

AuthenticationManager はモジュールごとに IAuthenticationModule.Authenticate メソッドを呼び出して、登録された各認証モジュールに照会します。Authorization インスタンスを返した最初の認証モジュールが要求を認証するために使用されます。

既定では、基本、ダイジェスト、ネゴシエート、NTLM、Kerberos の各認証の種類を提供するモジュールが AuthenticationManager で登録されています。IAuthenticationModule インターフェイスを実装する認証モジュールは、Register メソッドを使用して追加できます。認証モジュールは、一覧に追加した順序で呼び出されます。

メモ

Kerberos 認証およびネゴシエート認証の種類は、Windows 95/98 および Windows NT 4.0 ではサポートされていません。

使用例

Visual Basic

' The following example shows how to create a custom Basic authentication
 module,
' how to register it using the AuthenticationManager class and how to
 authorize  
' users to access a Web site.
' Note: To run this program you must create a test Web site that performs
' Basic authentication. Also you must add to your server machine a user
 whose
' credentials are the same as the ones you use in this program.
' Attention: Basic authentication sends the user's credentials over
 HTTP. 
' Passwords and user names are encoded using Base64 encoding. Although
 the 
' user information is encoded, it is considered insecure becasue it
 could be deciphered 
' relatively easily. 
' If you must use Basic authentication you are strongly advised to use
 strong 
' security mechanisms, such as SSL, when transferring sensitive information.


Imports System
Imports System.Net
Imports System.IO
Imports System.Text
Imports System.Collections
Imports Microsoft.VisualBasic

Namespace Mssc.Services.Authentication

  Module TestingAuthentication

    ' The ClientAuthentication class performs the following main tasks:
    ' 1) Obtains the user's credentials.
    ' 2) Unregisters the standard Basic authentication.
    ' 3) Registers the custom Basic authentication.
    ' 4) Reads the selected page and displays it on the console.

    Class TestAuthentication

      Private Shared username, password, domain,
 uri As String


      'This method invoked when the user does not enter the required
 input parameters.
      Private Shared Sub
 showusage()
        Console.WriteLine("Attempts to authenticate to a URL")
        Console.WriteLine(ControlChars.Cr + ControlChars.Lf + "Use
 one of the following:")
        Console.WriteLine(ControlChars.Tab + "customBasicAuthentication
 URL username password domain")
        Console.WriteLine(ControlChars.Tab + "customBasicAuthentication
 URL username password")
      End Sub 'showusage


      ' Display registered authentication modules.
      Private Shared Sub
 displayRegisteredModules()
        ' The AuthenticationManager calls all authentication modules
 sequentially 
        ' until one of them responds with an authorization instance.
  Show
        ' the current registered modules.
        Dim registeredModules As IEnumerator
 = AuthenticationManager.RegisteredModules
        Console.WriteLine(ControlChars.Cr + ControlChars.Lf + "The
 following authentication modules are now registered with the system:")
        While registeredModules.MoveNext()
          Console.WriteLine(ControlChars.Cr + " "
 + ControlChars.Lf + " Module : {0}", registeredModules.Current)
          Dim currentAuthenticationModule As
 IAuthenticationModule = CType(registeredModules.Current, IAuthenticationModule)
          Console.WriteLine(ControlChars.Tab + "  CanPreAuthenticate
 : {0}", currentAuthenticationModule.CanPreAuthenticate)
        End While
      End Sub 'displayRegisteredModules
 

      ' The getPage method accesses the selected page and displays its
 content 
      ' on the console.
      Private Shared Sub
 getPage(ByVal url As [String])
        Try
          ' Create the Web request object.
          Dim req As HttpWebRequest = CType(WebRequest.Create(url),
 HttpWebRequest)

          ' Define the request access method.
          req.Method = "GET"

          ' Define the request credentials according to the user's input.
          If domain = [String].Empty Then
            req.Credentials = New NetworkCredential(username,
 password)
            ' If the user does not specify the Internet resource domain,
 this usually
            ' is by default the name of the sever hosting the resource.
          Else
            req.Credentials = New NetworkCredential(username,
 password, domain)
          End If
          ' Issue the request.
          Dim result As HttpWebResponse = CType(req.GetResponse(),
 HttpWebResponse)

          Console.WriteLine(ControlChars.Lf + "Authentication
 Succeeded:")

          ' Store the response.
          Dim sData As Stream = result.GetResponseStream()

          ' Display the response.
          displayPageContent(sData)
        Catch e As WebException
          ' Display any errors. In particular, display any protocol-related
 error. 
          If e.Status = WebExceptionStatus.ProtocolError Then
            Dim hresp As HttpWebResponse =
 CType(e.Response, HttpWebResponse)
            Console.WriteLine((ControlChars.Lf + "Authentication
 Failed, " + hresp.StatusCode))
            Console.WriteLine(("Status Code: " + Fix(hresp.StatusCode)))
            Console.WriteLine(("Status Description: "
 + hresp.StatusDescription))
            Return
          End If
          Console.WriteLine(("Caught Exception: "
 + e.Message))
          Console.WriteLine(("Stack: " + e.StackTrace))
        End Try
      End Sub 'getPage


      ' The displayPageContent method display the content of the
      ' selected page.
      Private Shared Sub
 displayPageContent(ByVal ReceiveStream As
 Stream)
        ' Create an ASCII encoding object.
        Dim ASCII As Encoding = Encoding.ASCII

        ' Define the byte array to temporarily hold the current read
 bytes. 
        Dim read(511) As [Byte]

        Console.WriteLine(ControlChars.Cr + ControlChars.Lf + "Page
 Content..." + ControlChars.Cr + ControlChars.Lf)

        ' Read the page content and display it on the console.
        ' Read the first 512 bytes.
        Dim bytes As Integer
 = ReceiveStream.Read(read, 0, 512)
        While bytes > 0
          Console.Write(ASCII.GetString(read, 0, bytes))
          bytes = ReceiveStream.Read(read, 0, 512)
        End While
        Console.WriteLine("")
      End Sub 'displayPageContent

      'Entry point which delegates to C-style main Private Function
      'Public Overloads Sub Main(ByVal args() As String)
      ' Main(System.Environment.GetCommandLineArgs())
      'End Sub


      ' This is the program entry point. It allows the user to enter
 
      ' her credentials and the Internet resource (Web page) to access.
      ' It also unregisters the standard and registers the customized
 Basic 
      ' authentication.
      Public Shared Sub
 Main(ByVal args() As String)

        If args.Length < 3 Then
          showusage()
        Else

          ' Read the user's credentials.
          uri = args(0)
          username = args(1)
          password = args(2)

          If args.Length = 3 Then
            domain = String.Empty
            ' If the domain exists, store it. Usually the domain name
            ' is by default the name of the server hosting the Internet
            ' resource.
          Else
            domain = args(3)
          End If

          ' Instantiate the custom Basic authentication module.
          Dim customBasicModule As New
 CustomBasic()

          ' Unregister the standard Basic authentication module.
          AuthenticationManager.Unregister("Basic")

          ' Register the custom Basic authentication module.
          AuthenticationManager.Register(customBasicModule)

          ' Display registered authorization modules.
          displayRegisteredModules()

          ' Read the specified page and display it on the console.
          getPage(uri)
        End If
        Return
      End Sub 'Main


    ' The CustomBasic class creates a custom Basic authentication by
 implementing the
    ' IAuthenticationModule interface. It performs the following
    ' tasks:
    ' 1) Defines and initializes the required properties.
    ' 2) Implements the Authenticate and PreAuthenticate methods.

    Public Class CustomBasic
      Implements IAuthenticationModule

      Private m_authenticationType As String
      Private m_canPreAuthenticate As Boolean


      ' The CustomBasic constructor initializes the properties of the
 customized 
      ' authentication.
      Public Sub New()
        m_authenticationType = "Basic"
        m_canPreAuthenticate = False
      End Sub 'New

      ' Define the authentication type. This type is then used to identify
 this
      ' custom authentication module. The default is set to Basic.

      Public ReadOnly Property
 AuthenticationType() As String _
       Implements IAuthenticationModule.AuthenticationType

        Get
          Return m_authenticationType
        End Get
      End Property

      ' Define the pre-authentication capabilities for the module. The
 default is set
      ' to false.

      Public ReadOnly Property
 CanPreAuthenticate() As Boolean _
       Implements IAuthenticationModule.CanPreAuthenticate


        Get
          Return m_canPreAuthenticate
        End Get
      End Property

    ' The checkChallenge method checks whether the challenge sent by
 the HttpWebRequest 
    ' contains the correct type (Basic) and the correct domain name.
 
    ' Note: The challenge is in the form BASIC REALM="DOMAINNAME";
 
    ' the Internet Web site must reside on a server whose
    ' domain name is equal to DOMAINNAME.
      Public Function checkChallenge(ByVal
 Challenge As String, ByVal
 domain As String) As Boolean
        Dim challengePasses As Boolean
 = False

        Dim tempChallenge As [String] = Challenge.ToUpper()

        ' Verify that this is a Basic authorization request and that
 the requested domain
        ' is correct.
        ' Note: When the domain is an empty string, the following code
 only checks 
        ' whether the authorization type is Basic.
        If tempChallenge.IndexOf("BASIC")
 <> -1 Then
          If domain <> [String].Empty Then
            If tempChallenge.IndexOf(domain.ToUpper()) <>
 -1 Then
              challengePasses = True
              ' The domain is not allowed and the authorization type
 is Basic.
            Else
              challengePasses = False
            End If
            ' The domain is a blank string and the authorization type
 is Basic.
          Else
            challengePasses = True
          End If
        End If
        Return challengePasses
      End Function 'checkChallenge


      ' The PreAuthenticate method specifies whether the authentication
 implemented 
      ' by this class allows pre-authentication. 
      ' Even if you do not use it, this method must be implemented to
 obey to the rules 
      ' of interface implementation.
      ' In this case it always returns null. 
      Public Function PreAuthenticate(ByVal
 request As WebRequest, ByVal credentials
 As ICredentials) As Authorization _
          Implements IAuthenticationModule.PreAuthenticate

        Return Nothing
      End Function 'PreAuthenticate

      
      ' Authenticate is the core method for this custom authentication.
      ' When an Internet resource requests authentication, the WebRequest.GetResponse
 
      ' method calls the AuthenticationManager.Authenticate method.
 This method, in 
      ' turn, calls the Authenticate method on each of the registered
 authentication
      ' modules, in the order in which they were registered. When the
 authentication is 
      ' complete an Authorization object is returned to the WebRequest.
      Public Function Authenticate(ByVal
 challenge As String, ByVal
 request As WebRequest, ByVal credentials As ICredentials) As Authorization _
          Implements IAuthenticationModule.Authenticate


        Dim ASCII As Encoding = Encoding.ASCII

        ' Get the username and password from the credentials
        Dim MyCreds As NetworkCredential =
 credentials.GetCredential(request.RequestUri, "Basic")

        If PreAuthenticate(request, credentials) Is
 Nothing Then
          Console.WriteLine(ControlChars.Lf + " Pre-authentication
 is not allowed.")
        Else
          Console.WriteLine(ControlChars.Lf + " Pre-authentication
 is allowed.")
        End If
        ' Verify that the challenge satisfies the authorization requirements.
        Dim challengeOk As Boolean
 = checkChallenge(challenge, MyCreds.Domain)

        If Not challengeOk Then
          Return Nothing
        End If

        ' Create the encrypted string according to the Basic authentication
 format as
        ' follows:
        ' a)Concatenate the username and password separated by colon;
        ' b)Apply ASCII encoding to obtain a stream of bytes;
        ' c)Apply Base64 encoding to this array of bytes to obtain the
 encoded 
        ' authorization.
        Dim BasicEncrypt As String
 = MyCreds.UserName + ":" + MyCreds.Password

        Dim BasicToken As String
 = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt))

        ' Create an Authorization object using the encoded authorization
 above.
        Dim resourceAuthorization As New
 Authorization(BasicToken)

        ' Get the Message property, which contains the authorization
 string that the 
        ' client returns to the server when accessing protected resources.
        Console.WriteLine(ControlChars.Lf + " Authorization Message:{0}",
 resourceAuthorization.Message)

        ' Get the Complete property, which is set to true when the authentication
 process 
        ' between the client and the server is finished.
        Console.WriteLine(ControlChars.Lf + " Authorization Complete:{0}",
 resourceAuthorization.Complete)

        Console.WriteLine(ControlChars.Lf + " Authorization ConnectionGroupId:{0}",
 resourceAuthorization.ConnectionGroupId)


        Return resourceAuthorization
      End Function 'Authenticate
    End Class 'CustomBasic 
  End Module
End Namespace

C#

// The following example shows how to create a custom Basic authentication
 module,
// how to register it using the AuthenticationManager class and how
 to authorize  
// users to access a Web site.
// Note: To run this program you must create a test Web site that performs
// Basic authentication. Also you must add to your server machine a
 user whose
// credentials are the same as the ones you use in this program.
// Attention: Basic authentication sends the user's credentials over
 HTTP. 
// Passwords and user names are encoded using Base64 encoding. Although
 the 
// user information is encoded, it is considered insecure becasue it
 could be deciphered 
// relatively easily. 
// If you must use Basic authentication you are strongly advised to
 use strong 
// security mechanisms, such as SSL, when transferring sensitive information.


using System;
using System.Net;
using System.IO;
using System.Text;
using System.Collections;


namespace Mssc.Services.Authentication
{
  // The ClientAuthentication class performs the following main tasks:
  // 1) Obtains the user's credentials.
  // 2) Unregisters the standard Basic authentication.
  // 3) Registers the custom Basic authentication.
  // 4) Reads the selected page and displays it on the console.
  class TestAuthentication 
  {

    private static string
 username, password, domain, uri;

    // This method invoked when the user does not enter the required
 input parameters.
    private static void
 showusage() 
    {
      Console.WriteLine("Attempts to authenticate to a URL");
      Console.WriteLine("\r\nUse one of the following:");
      Console.WriteLine("\tcustomBasicAuthentication URL username password domain");
      Console.WriteLine("\tcustomBasicAuthentication URL username password");
    }

    // Display registered authentication modules.
    private static void
 displayRegisteredModules() 
    {
      // The AuthenticationManager calls all authentication modules
 sequentially 
      // until one of them responds with an authorization instance.
  Show
      // the current registered modules.
      IEnumerator registeredModules = AuthenticationManager.RegisteredModules; 
      Console.WriteLine("\r\nThe following authentication modules are now registered
 with the system:");
      while(registeredModules.MoveNext())
      {
        Console.WriteLine("\r \n Module : {0}",registeredModules.Current);
 
        IAuthenticationModule currentAuthenticationModule = (IAuthenticationModule)registeredModules.Current;
        Console.WriteLine("\t  CanPreAuthenticate : {0}",currentAuthenticationModule.CanPreAuthenticate);
 
      }      
    }

    // The getPage method accesses the selected page and displays its
 content 
    // on the console.
    private static void
 getPage(String url) 
    {
      try 
      {
        // Create the Web request object.
        HttpWebRequest req = (HttpWebRequest) WebRequest.Create(url);
        
        // Define the request access method.
        req.Method = "GET";
        
        // Define the request credentials according to the user's input.
        if (domain == String.Empty)
          req.Credentials = new NetworkCredential(username, password);
        else
          // If the user does not specify the Internet resource domain,
 this usually
          // is by default the name of the sever hosting the resource.
          req.Credentials = new NetworkCredential(username, password,
 domain);

        // Issue the request.
        HttpWebResponse result = (HttpWebResponse) req.GetResponse();

        Console.WriteLine("\nAuthentication Succeeded:");

        // Store the response.
        Stream sData = result.GetResponseStream();

        // Display the response.
        displayPageContent(sData);
      }
      catch (WebException e)
      {
        // Display any errors. In particular, display any protocol-related
 error. 
        if (e.Status == WebExceptionStatus.ProtocolError)
        {                
          HttpWebResponse hresp = (HttpWebResponse) e.Response;
          Console.WriteLine("\nAuthentication Failed, " + hresp.StatusCode);
          Console.WriteLine("Status Code: " + (int)
 hresp.StatusCode);
          Console.WriteLine("Status Description: " + hresp.StatusDescription);
                
          return;
        }
        Console.WriteLine("Caught Exception: " + e.Message);
        Console.WriteLine("Stack: " + e.StackTrace);
      }
    }

    // The displayPageContent method display the content of the
    // selected page.
    private static void
 displayPageContent(Stream ReceiveStream) 
    {
      // Create an ASCII encoding object.
      Encoding ASCII = Encoding.ASCII;
    
      // Define the byte array to temporarily hold the current read
 bytes. 
      Byte[] read = new Byte[512];

      Console.WriteLine("\r\nPage Content...\r\n");

      // Read the page content and display it on the console.
      // Read the first 512 bytes.
      int bytes = ReceiveStream.Read(read, 0, 512);
      while (bytes > 0) 
      {
        Console.Write(ASCII.GetString(read, 0, bytes));
        bytes = ReceiveStream.Read(read, 0, 512);
      }
      Console.WriteLine("");
    }

    // This is the program entry point. It allows the user to enter
 
    // her credentials and the Internet resource (Web page) to access.
    // It also unregisters the standard and registers the customized
 Basic 
    // authentication.
    public static void Main(string[]
 args) 
    {
    
      if (args.Length < 3)
        showusage();
      else 
      {    
         
        // Read the user's credentials.
        uri = args[0];
        username = args[1];
        password = args[2];

        if (args.Length == 3)
          domain = string.Empty;
        else
          // If the domain exists, store it. Usually the domain name
          // is by default the name of the server hosting the Internet
          // resource.
          domain = args[3];

      
        // Instantiate the custom Basic authentication module.
        CustomBasic customBasicModule = new CustomBasic();
           
        // Unregister the standard Basic authentication module.
        AuthenticationManager.Unregister("Basic");

        // Register the custom Basic authentication module.
        AuthenticationManager.Register(customBasicModule);
 
        // Display registered authorization modules.
        displayRegisteredModules();
        
        // Read the specified page and display it on the console.
        getPage(uri);
      }
      return;
    }
  }
 
  // The CustomBasic class creates a custom Basic authentication by
 implementing the
  // IAuthenticationModule interface. It performs the following
  // tasks:
  // 1) Defines and initializes the required properties.
  // 2) Implements the Authenticate method.
  
  public class CustomBasic : IAuthenticationModule
  {

    private string m_authenticationType ;
    private bool m_canPreAuthenticate ;

    // The CustomBasic constructor initializes the properties of the
 customized 
    // authentication.
    public CustomBasic()
    {
      m_authenticationType = "Basic";
      m_canPreAuthenticate = false;
    }

    // Define the authentication type. This type is then used to identify
 this
    // custom authentication module. The default is set to Basic.
    public string AuthenticationType
    {
      get
      {
        return m_authenticationType;
      }
    }

    // Define the pre-authentication capabilities for the module. The
 default is set
    // to false.
    public bool CanPreAuthenticate
    {
      get
      {
        return m_canPreAuthenticate;
      }
    }

    // The checkChallenge method checks whether the challenge sent by
 the HttpWebRequest 
    // contains the correct type (Basic) and the correct domain name.
 
    // Note: The challenge is in the form BASIC REALM="DOMAINNAME";
 
    // the Internet Web site must reside on a server whose
    // domain name is equal to DOMAINNAME.
    public bool checkChallenge(string
 Challenge, string domain) 
    {
      bool challengePasses = false;

      String tempChallenge = Challenge.ToUpper();

      // Verify that this is a Basic authorization request and that
 the requested domain
      // is correct.
      // Note: When the domain is an empty string, the following code
 only checks 
      // whether the authorization type is Basic.

      if (tempChallenge.IndexOf("BASIC") != -1)
        if (domain != String.Empty)
          if (tempChallenge.IndexOf(domain.ToUpper()) != -1)
            challengePasses = true;
          else
            // The domain is not allowed and the authorization type
 is Basic.
            challengePasses = false;
        else
          // The domain is a blank string and the authorization type
 is Basic.
          challengePasses = true;

      return challengePasses;
    }

    // The PreAuthenticate method specifies whether the authentication
 implemented 
    // by this class allows pre-authentication. 
    // Even if you do not use it, this method must be implemented to
 obey to the rules 
    // of interface implementation.
    // In this case it always returns null. 
    public Authorization PreAuthenticate(WebRequest request, ICredentials
 credentials) 
    {                
      return null;
    }

    // Authenticate is the core method for this custom authentication.
    // When an Internet resource requests authentication, the WebRequest.GetResponse
 
    // method calls the AuthenticationManager.Authenticate method. This
 method, in 
    // turn, calls the Authenticate method on each of the registered
 authentication
    // modules, in the order in which they were registered. When the
 authentication is 
    // complete an Authorization object is returned to the WebRequest.
    public Authorization Authenticate(String challenge, WebRequest
 request, ICredentials credentials) 
    {
      Encoding ASCII = Encoding.ASCII;        

      // Get the username and password from the credentials
      NetworkCredential MyCreds = credentials.GetCredential(request.RequestUri, "Basic");
        

      if (PreAuthenticate(request, credentials) == null)
        Console.WriteLine("\n Pre-authentication is not allowed.");
      else
        Console.WriteLine("\n Pre-authentication is allowed.");

      // Verify that the challenge satisfies the authorization requirements.
      bool challengeOk = checkChallenge(challenge, MyCreds.Domain);

      if (!challengeOk)
        return null;

      // Create the encrypted string according to the Basic authentication
 format as
      // follows:
      // a)Concatenate the username and password separated by colon;
      // b)Apply ASCII encoding to obtain a stream of bytes;
      // c)Apply Base64 encoding to this array of bytes to obtain the
 encoded 
      // authorization.
      string BasicEncrypt = MyCreds.UserName + ":" +
 MyCreds.Password;

      string BasicToken = "Basic " + Convert.ToBase64String(ASCII.GetBytes(BasicEncrypt));

      // Create an Authorization object using the encoded authorization
 above.
      Authorization resourceAuthorization = new Authorization(BasicToken);

      // Get the Message property, which contains the authorization
 string that the 
      // client returns to the server when accessing protected resources.
      Console.WriteLine("\n Authorization Message:{0}",resourceAuthorization.Message);

      // Get the Complete property, which is set to true when the authentication
 process 
      // between the client and the server is finished.
      Console.WriteLine("\n Authorization Complete:{0}",resourceAuthorization.Complete);

      Console.WriteLine("\n Authorization ConnectionGroupId:{0}",resourceAuthorization.ConnectionGroupId);


      return resourceAuthorization;
    }
  }
}

C++

// This program shows how to create a custom Basic authentication module
,
// how to register it via the AuthenticationManager class and how to
 authorize
// users to access a Web site.
// Note: In order to run this program you must create a test Web site
 that performs
// Basic authentication. Also you must add to your server machine a
 user whose
// credentials are the same you use in this program.
// Attention: Basic authenticastion sends the user's credentials over
 HTTP.
// Passwords and user names are encoded using Base64 encoding. Although
 the
// user information is encoded, it is considered insecure due to the
 fact that it
// could be deciphered relatively easily.
// If you must use basic authentication you are strongly adviced to
 use strong
// security mechanisms, such as SSL, when transfering sensitive information
 on
// the wire.
#using <System.dll>

using namespace System;
using namespace System::Net;
using namespace System::IO;
using namespace System::Text;
using namespace System::Collections;

// The ClientAuthentication class performs the following main tasks:
// 1) It obtains the user's credentials.
// 2) Unregisters the standard Basic authentication.
// 3) Registers the customized Basic authentication.
// 4) Reads the selected page and displays it on the console.
ref class TestAuthentication
{
public:
   static String^ username;
   static String^ password;
   static String^ domain;
   static String^ uri;

   // Show how to use this program.
   static void showusage()
   {
      Console::WriteLine( "Attempts to authenticate to a URL" );
      Console::WriteLine( "\r\nUse one of the following:" );
      Console::WriteLine( "\tcustomBasicAuthentication URL username password
 domain" );
      Console::WriteLine( "\tcustomBasicAuthentication URL username password"
 );
      Console::WriteLine( "\r\nExample:" );
      Console::WriteLine( "\tcustomBasicAuthentication http://ndpue/ncl/
 basicuser basic.101 ndpue" );
   }


   // Display registered authentication modules.
   static void displayRegisteredModules()
   {
      
      // The AuthenticationManager calls all authentication modules
 sequentially
      // until one of them responds with an authorization instance.
  Show
      // the current registered modules, for testing purposes.
      IEnumerator^ registeredModules = AuthenticationManager::RegisteredModules;
      Console::WriteLine( "\r\nThe following authentication modules are now
 registered with the system" );
      while ( registeredModules->MoveNext() )
      {
         Console::WriteLine( "\r \n Module : {0}", registeredModules->Current
 );
         IAuthenticationModule^ currentAuthenticationModule = dynamic_cast<IAuthenticationModule^>(registeredModules->Current);
         Console::WriteLine( "\t  CanPreAuthenticate : {0}", currentAuthenticationModule->CanPreAuthenticate
 );
      }
   }


   // The getPage method accesses the selected page an displays its
 content
   // on the console.
   static void getPage( String^ url )
   {
      try
      {
         
         // Create the Web request object.
         HttpWebRequest^ req = dynamic_cast<HttpWebRequest^>(WebRequest::Create(
 url ));
         
         // Define the request access method.
         req->Method = "GET";
         
         // Define the request credentials according to the user's input.
         if ( String::Compare( domain, String::Empty ) == 0 )
                  req->Credentials = gcnew NetworkCredential( username,password
 ); // If the user's specifies the Internet resource domain, this usually
         else
                  req->Credentials = gcnew NetworkCredential( username,password,domain
 );
         
         // is by default the name of the sever hosting the resource.
         // Issue the request.
         // req->GetResponse();
         HttpWebResponse^ result = dynamic_cast<HttpWebResponse^>(req->GetResponse());
         Console::WriteLine( "\nAuthentication Succeeded:" );
         
         // Store the response.
         Stream^ sData = result->GetResponseStream();
         
         // Display the response.
         displayPageContent( sData );
      }
      catch ( WebException^ e ) 
      {
         
         // Display the error, if any. In particular display protocol
         // related error.
         if ( e->Status == WebExceptionStatus::ProtocolError
 )
         {
            HttpWebResponse^ hresp = dynamic_cast<HttpWebResponse^>(e->Response);
            Console::WriteLine( "\nAuthentication Failed, {0}", hresp->StatusCode
 );
            Console::WriteLine( "Status Code: {0}", (int)hresp->StatusCode
 );
            Console::WriteLine( "Status Description: {0}", hresp->StatusDescription
 );
            return;
         }
         Console::WriteLine( "Caught Exception: {0}", e->Message );
         Console::WriteLine( "Stack: {0}", e->StackTrace );
      }

   }


   // The displayPageContent method display the content of the
   // selected page.
   static void displayPageContent( Stream^
 ReceiveStream )
   {
      
      // Create an ASCII encoding object.
      Encoding^ ASCII = Encoding::ASCII;
      
      // Define the Byte array to temporary hold the current read bytes.
      array<Byte>^read = gcnew array<Byte>(512);
      Console::WriteLine( "\r\nPage Content...\r\n" );
      
      // Read the page content and display it on the console.
      // Read the first 512 bytes.
      int bytes = ReceiveStream->Read( read, 0, 512 );
      while ( bytes > 0 )
      {
         Console::Write( ASCII->GetString( read, 0, bytes ) );
         bytes = ReceiveStream->Read( read, 0, 512 );
      }

      Console::WriteLine( "" );
   }

};


// The CustomBasic class creates a custom Basic authentication by implementing
 the
// IAuthenticationModule interface. In particular it performs the following
// tasks:
// 1) Defines and initializes the required properties.
// 2) Impements the Authenticate method.
public ref class CustomBasic: public
 IAuthenticationModule
{
private:

   String^ m_authenticationType;
   bool m_canPreAuthenticate;

public:

   // The CustomBasic constructor initializes the properties of the
 customized
   // authentication.
   CustomBasic()
   {
      m_authenticationType = "Basic";
      m_canPreAuthenticate = false;
   }


   property String^ AuthenticationType 
   {

      // Define the authentication type. This type is then used to identify
 this
      // custom authentication module. The default is set to Basic.
      virtual String^ get()
      {
         return m_authenticationType;
      }

   }

   property bool CanPreAuthenticate 
   {

      // Define the pre-authentication capabilities for the module. The
 default is set
      // to false.
      virtual bool get()
      {
         return m_canPreAuthenticate;
      }

   }

   // The checkChallenge method checks if the challenge sent by the
 HttpWebRequest
   // contains the correct type (Basic) and the correct domain name.
   // Note: the challenge is in the form BASIC REALM=S"DOMAINNAME"
   // and you must assure that the Internet Web site resides on a server
 whose
   // domain name is equal to DOMAINAME.
   bool checkChallenge( String^ Challenge, String^ domain )
   {
      bool challengePasses = false;
      String^ tempChallenge = Challenge->ToUpper();
      
      // Verify that this is a Basic authorization request and the requested
 domain
      // is correct.
      // Note: When the domain is an empty string the following code
 only checks
      // whether the authorization type is Basic.
      if ( tempChallenge->IndexOf( "BASIC" ) != -1
 )
            if ( String::Compare( domain, String::Empty ) != 0
 )
            if ( tempChallenge->IndexOf( domain->ToUpper()
 ) != -1 )
            challengePasses = true; // The domain
 is not allowed and the authorization type is Basic.
      else
            challengePasses = false;

      else
            challengePasses = true;


      return challengePasses;
   }


   // The PreAuthenticate method specifies if the authentication implemented
   // by this class allows pre-authentication.
   // Even if you do not use it, this method must be implemented to
 obey to the rules
   // of interface implemebtation.
   // In this case it always returns null.
   virtual Authorization^ PreAuthenticate( WebRequest^ request, ICredentials^ credentials
 )
   {
      return nullptr;
   }


   // Authenticate is the core method for this custom authentication.
   // When an internet resource requests authentication, the WebRequest::GetResponse
   // method calls the AuthenticationManager::Authenticate method. This
 method, in
   // turn, calls the Authenticate method on each of the registered
 authentication
   // modules, in the order they were registered. When the authentication
 is
   // complete an Authorization object is returned to the WebRequest,
 as
   // shown by this routine's retun type.
   virtual Authorization^ Authenticate( String^ challenge, WebRequest^ request, ICredentials^
 credentials )
   {
      Encoding^ ASCII = Encoding::ASCII;
      
      // Get the username and password from the credentials
      NetworkCredential^ MyCreds = credentials->GetCredential( request->RequestUri,
 "Basic" );
      if ( PreAuthenticate( request, credentials ) == nullptr
 )
            Console::WriteLine( "\n Pre-authentication is not allowed."
 );
      else
            Console::WriteLine( "\n Pre-authentication is allowed." );

      
      // Verify that the challenge satisfies the authorization requirements.
      bool challengeOk = checkChallenge( challenge, MyCreds->Domain
 );
      if (  !challengeOk )
            return nullptr;

      
      // Create the encrypted string according to the Basic authentication
 format as
      // follows:
      // a)Concatenate username and password separated by colon;
      // b)Apply ASCII encoding to obtain a stream of bytes;
      // c)Apply Base64 Encoding to this array of bytes to obtain the
 encoded
      // authorization.
      String^ BasicEncrypt = String::Concat( MyCreds->UserName, ":",
 MyCreds->Password );
      String^ BasicToken = String::Concat( "Basic ", Convert::ToBase64String(
 ASCII->GetBytes( BasicEncrypt ) ) );
      
      // Create an Authorization object using the above encoded authorization.
      Authorization^ resourceAuthorization = gcnew Authorization( BasicToken );
      
      // Get the Message property which contains the authorization string
 that the
      // client returns to the server when accessing protected resources
      Console::WriteLine( "\n Authorization Message: {0}", resourceAuthorization->Message
 );
      
      // Get the Complete property which is set to true when the authentication
 process
      // between the client and the server is finished.
      Console::WriteLine( "\n Authorization Complete: {0}", resourceAuthorization->Complete
 );
      
      Console::WriteLine( "\n Authorization ConnectionGroupId: {0}", resourceAuthorization->ConnectionGroupId
 );
      return resourceAuthorization;
   }

};


// This is the program entry point. It allows the user to enter
// her credentials and the Internet resource (Web page) to access.
// It also unregisters the standard and registers the customized basic
// authentication.
int main()
{
   array<String^>^args = Environment::GetCommandLineArgs();
   if ( args->Length < 4 )
      TestAuthentication::showusage();
   else
   {
      
      // Read the user's credentials.
      TestAuthentication::uri = args[ 1 ];
      TestAuthentication::username = args[ 2 ];
      TestAuthentication::password = args[ 3 ];
      if ( args->Length == 4 )
            TestAuthentication::domain = String::Empty; // If the domain
 exists, store it. Usually the domain name
      else
            TestAuthentication::domain = args[ 4 ];
      
      // is by default the name of the server hosting the Internet
      // resource.
      // Instantiate the custom Basic authentication module.
      CustomBasic^ customBasicModule = gcnew CustomBasic;
      
      // Unregister the standard Basic authentication module.
      AuthenticationManager::Unregister( "Basic" );
      
      // Register the custom Basic authentication module.
      AuthenticationManager::Register( customBasicModule );
      
      // Display registered Authorization modules.
      TestAuthentication::displayRegisteredModules();
      
      // Read the specified page and display it on the console.
      TestAuthentication::getPage( TestAuthentication::uri );
   }
}

J#

// The following example shows how to create a custom Basic 
// authentication module, how to register it using the AuthenticationManager
 
// class and how to authorize users to access a Web site.
// Note: To run this program you must create a test Web site that performs
// Basic authentication. Also you must add to your server machine a
 user whose
// credentials are the same as the ones you use in this program.
// Attention: Basic authentication sends the user's credentials over
 HTTP. 
// Passwords and user names are encoded using Base64 encoding. Although
 the 
// user information is encoded, it is considered insecure becasue it
 could be 
// deciphered relatively easily. 
// If you must use Basic authentication you are strongly advised to
 use strong 
// security mechanisms, such as SSL, when transferring sensitive information.
import System.*;
import System.Net.*;
import System.IO.*;
import System.Text.*;
import System.Collections.*;
// The ClientAuthentication class performs the following main tasks:
// 1) Obtains the user's credentials.
// 2) Unregisters the standard Basic authentication.
// 3) Registers the custom Basic authentication.
// 4) Reads the selected page and displays it on the console.
class TestAuthentication
{
    private static String username, password,
 domain, uri;

    // This method invoked when the user does not enter the required
 input 
    // parameters.
    private static void
 ShowUsage()
    {
        Console.WriteLine("Attempts to authenticate to a URL");
        Console.WriteLine("\r\nUse one of the following:");
        Console.WriteLine(
            "\tcustomBasicAuthentication URL username password domain");
        Console.WriteLine("\tcustomBasicAuthentication URL username password");
    } //ShowUsage

    // Display registered authentication modules.
    private static void
 DisplayRegisteredModules()
    {
        // The AuthenticationManager calls all authentication modules
 
        // sequentially until one of them responds with an authorization
 
        // instance.Show the current registered modules.
        IEnumerator registeredModules = 
            AuthenticationManager.get_RegisteredModules();
        Console.WriteLine("\r\nThe following authentication modules are now"
            + " registered with the system:");
        while (registeredModules.MoveNext()) {
            Console.WriteLine("\r \n Module : {0}", 
                registeredModules.get_Current());
            IAuthenticationModule currentAuthenticationModule = 
                ((IAuthenticationModule)(registeredModules.get_Current()));
            Console.WriteLine("\t  CanPreAuthenticate : {0}", 
                System.Convert.ToString(
                currentAuthenticationModule.get_CanPreAuthenticate()));
        }
    } //DisplayRegisteredModules

    // The GetPage method accesses the selected page and displays its
 content 
    // on the console.
    private static void
 GetPage(String url)
    {
        try {
            // Create the Web request object.
            HttpWebRequest req = ((HttpWebRequest)(WebRequest.Create(url)));

            // Define the request access method.
            req.set_Method("GET");

            // Define the request credentials according to the user's
 input.
            if (domain.Equals("")) {
                req.set_Credentials(new NetworkCredential(username,
 password));
            }
            else {
                // If the user does not specify the Internet resource
 domain,
                // this usually is by default the name of the sever
                // hosting the resource.
                req.set_Credentials(new NetworkCredential(
                    username, password, domain));
            }

            // Issue the request.
            HttpWebResponse result = ((HttpWebResponse)(req.GetResponse()));
            Console.WriteLine("\nAuthentication Succeeded:");

            // Store the response.
            Stream sData = result.GetResponseStream();

            // Display the response.
            DisplayPageContent(sData);
        }
        catch (WebException e) {
            // Display any errors. In particular, display any protocol-related
 
            // error. 
            if (e.get_Status() .Equals(WebExceptionStatus.ProtocolError))
 {
                HttpWebResponse hresp = ((HttpWebResponse)(e.get_Response()));
                Console.WriteLine(("\nAuthentication Failed, " 
                    + hresp.get_StatusCode()));
                Console.WriteLine(("Status Code: " 
                    + (int)(hresp.get_StatusCode())));
                Console.WriteLine(("Status Description: " 
                    + hresp.get_StatusDescription()));
                return;
            }
            Console.WriteLine(("Caught Exception: " + e.get_Message()));
            Console.WriteLine(("Stack: " + e.get_StackTrace()));
        }
    } //GetPage

    // The DisplayPageContent method display the content of the
    // selected page.
    private static void
 DisplayPageContent(Stream receiveStream)
    {
        // Create an ascii encoding object.
        Encoding ascii = Encoding.get_ASCII();

        // Define the byte array to temporarily hold the current read
 bytes. 
        ubyte read[] = new ubyte[512];
        Console.WriteLine("\r\nPage Content...\r\n");

        // Read the page content and display it on the console.
        // Read the first 512 bytes.
        int bytes = receiveStream.Read(read, 0, 512);
        while ((bytes > 0)) {
            Console.Write(ascii.GetString(read, 0, bytes));
            bytes = receiveStream.Read(read, 0, 512);
        }
        Console.WriteLine("");
    } //DisplayPageContent

    // This is the program entry point. It allows the user to enter
 
    // her credentials and the Internet resource (Web page) to access.
    // It also unregisters the standard and registers the customized
 Basic 
    // authentication.
    public static void main(String[]
 args)
    {
        if (args.length < 3) {
            ShowUsage();
        }
        else {
            // Read the user's credentials.
            uri = args[0];
            username = args[1];
            password = args[2];
            if (args.length == 3) {
                domain = "";
            }
            else {
                // If the domain exists, store it. Usually the domain
 name
                // is by default the name of the server hosting the
 Internet
                // resource.
                domain = args[3];
            }

            // Instantiate the custom Basic authentication module.
            CustomBasic customBasicModule = new CustomBasic();

            // Unregister the standard Basic authentication module.
            AuthenticationManager.Unregister("Basic");

            // Register the custom Basic authentication module.
            AuthenticationManager.Register(customBasicModule);

            // Display registered authorization modules.
            DisplayRegisteredModules();

            // Read the specified page and display it on the console.
            GetPage(uri);
        }
        return;
    } //main
} //TestAuthentication

// The CustomBasic class creates a custom Basic authentication by implementing
// the IAuthenticationModule interface. It performs the following tasks:
// 1) Defines and initializes the required properties.
// 2) Implements the Authenticate method.
public class CustomBasic implements IAuthenticationModule
{
    private String m_authenticationType;
    private boolean m_canPreAuthenticate;

    // The CustomBasic constructor initializes the properties of the
 customized 
    // authentication.
    public CustomBasic()
    {
        m_authenticationType = "Basic";
        m_canPreAuthenticate = false;
    } //CustomBasic

    // Define the authentication type. This type is then used to identify
 this
    // custom authentication module. The default is set to Basic.
    /** @property
     */
    public String get_AuthenticationType()
    {
        return m_authenticationType;
    } //get_AuthenticationType

    // Define the pre-authentication capabilities for the module. 
    // The default is set to false.
    /** @property
     */
    public boolean get_CanPreAuthenticate()
    {
        return m_canPreAuthenticate;
    } //get_CanPreAuthenticate

    // The CheckChallenge method checks whether the challenge sent by
 the 
    // HttpWebRequest contains the correct type (Basic) and the correct
 
    // domain name. Note: The challenge is in the form BASIC  
    // REALM="DOMAINNAME"; the Internet Web site must reside
 on a server whose
    // domain name is equal to DOMAINNAME.
    public boolean CheckChallenge(String challenge, String domain)
    {
        boolean challengePasses = false;
        String tempChallenge = challenge.ToUpper();

        // Verify that this is a Basic authorization request and that
 the 
        // requested domain is correct. Note: When the domain is an
 empty 
        // string, the following code only checks  whether the authorization
 
        // type is Basic.
        if (tempChallenge.IndexOf("BASIC") != -1) {
            if (domain.Equals("") == false)
 {
                if (tempChallenge.IndexOf(domain.ToUpper()) !=
 -1) {
                    challengePasses = true;
                }
                else {
                    // The domain is not allowed and the authorization
 
                    // type is Basic.
                    challengePasses = false;
                }
            }                
            else {
                // The domain is a blank string and the authorization
 type is
                // Basic.
                challengePasses = true;
            }
        }
        return challengePasses;
    } //CheckChallenge

    // The PreAuthenticate method specifies whether the authentication
 
    // implemented  by this class allows pre-authentication. 
    // Even if you do not use it, this method must be implemented to
 
    // obey to the rules of interface implementation.
    // In this case it always returns null. 
    public Authorization PreAuthenticate(WebRequest request, 
        ICredentials credentials)
    {
        return null;
    } //PreAuthenticate

    // Authenticate is the core method for this custom authentication.
    // When an Internet resource requests authentication, the WebRequest.
    // GetResponse  method calls the AuthenticationManager.Authenticate
 method. 
    // This method, in  turn, calls the Authenticate method on each
 of the 
    // registered authentication modules, in the order in which they
 were 
    // registered. When the authentication is  complete an Authorization
 object 
    // is returned to the WebRequest.
    public Authorization Authenticate(
        String challenge, WebRequest request, ICredentials credentials)
    {
        Encoding ascii = Encoding.get_ASCII();

        // Get the username and password from the credentials
        NetworkCredential myCreds = credentials.GetCredential(
                                    request.get_RequestUri(), "Basic");
        if (PreAuthenticate(request, credentials) == null)
 {
            Console.WriteLine("\n Pre-authentication is not allowed.");
        }
        else {
            Console.WriteLine("\n Pre-authentication is allowed.");
        }

        // Verify that the challenge satisfies the authorization requirements.
        boolean challengeOk = CheckChallenge(challenge, myCreds.get_Domain());

        if (!(challengeOk)) {
            return null;
        }
        // Create the encrypted string according to the Basic authentication
 
        // format as follows:
        // a)Concatenate the username and password separated by colon;
        // b)Apply ascii encoding to obtain a stream of bytes;
        // c)Apply Base64 encoding to this array of bytes to obtain the
 encoded 
        // authorization.
        String basicEncrypt = myCreds.get_UserName() + ":" 
            + myCreds.get_Password();
        String basicToken = "Basic " 
            + Convert.ToBase64String(ascii.GetBytes(basicEncrypt));

        // Create an Authorization object using the encoded
        // authorization above.
        Authorization resourceAuthorization = new Authorization(basicToken);

        // Get the Message property, which contains the authorization
 string 
        // that the client returns to the server when accessing protected
 
        // resources.
        Console.WriteLine("\n Authorization Message:{0}", 
            resourceAuthorization.get_Message());

        // Get the Complete property, which is set to true when the
 
        // authentication process between the client and the
        // server is finished.
        Console.WriteLine("\n Authorization Complete:{0}", 
            System.Convert.ToString(resourceAuthorization.get_Complete()));

        Console.WriteLine("\n Authorization ConnectionGroupId:{0}", 
            resourceAuthorization.get_ConnectionGroupId());
        return resourceAuthorization;
    } //Authenticate
} //CustomBasic

継承階層

System.Object
  System.Net.AuthenticationManager

スレッド セーフ

この型の public static (Visual Basic では Shared) メンバはすべて、スレッド セーフです。インスタンス メンバの場合は、スレッド セーフであるとは限りません。

プラットフォーム

Windows 98, Windows 2000 SP4, Windows CE, Windows Millennium Edition, Windows Mobile for Pocket PC, Windows Mobile for Smartphone, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。

バージョン情報

.NET Framework
サポート対象 : 2.0、1.1、1.0
.NET Compact Framework
サポート対象 : 2.0、1.0

参照

関連項目
AuthenticationManager メンバ
System.Net 名前空間

---

AuthenticationManager プロパティ

パブリック プロパティ

	名前	説明
	RegisteredModules	認証マネージャで登録されている認証モジュールの一覧を取得します。

参照

関連項目

AuthenticationManager クラス
System.Net 名前空間

---

AuthenticationManager メソッド

パブリック メソッド

( プロテクト メソッド も参照)

	名前	説明
	Authenticate	認証要求に応答できる最初のモジュールを検出するには、各登録済み認証モジュールを呼び出します。
	Equals	オーバーロードされます。 2 つの Object インスタンスが等しいかどうかを判断します。 ( Object から継承されます。)
	GetHashCode	特定の型のハッシュ関数として機能します。GetHashCode は、ハッシュ アルゴリズムや、ハッシュ テーブルのようなデータ構造での使用に適しています。 ( Object から継承されます。)
	GetType	現在のインスタンスの Type を取得します。 ( Object から継承されます。)
	PreAuthenticate	要求の事前認証を行います。
	ReferenceEquals	指定した複数の Object インスタンスが同一かどうかを判断します。 ( Object から継承されます。)
	Register	認証マネージャで認証モジュールを登録します。
	ToString	現在の Object を表す String を返します。 ( Object から継承されます。)
	Unregister	オーバーロードされます。 登録済みモジュールの一覧から認証モジュールを削除します。

プロテクト メソッド

	名前	説明
	Finalize	Object がガベージ コレクションにより収集される前に、その Object がリソースを解放し、その他のクリーンアップ操作を実行できるようにします。 ( Object から継承されます。)
	MemberwiseClone	現在の Object の簡易コピーを作成します。 ( Object から継承されます。)

参照

関連項目

AuthenticationManager クラス
System.Net 名前空間

---

AuthenticationManager メンバ

クライアント認証プロセス中に呼び出される認証モジュールを管理します。

AuthenticationManager データ型で公開されるメンバを以下の表に示します。

パブリック プロパティ

	名前	説明
	RegisteredModules	認証マネージャで登録されている認証モジュールの一覧を取得します。

パブリック メソッド

( プロテクト メソッド も参照)

	名前	説明
	Authenticate	認証要求に応答できる最初のモジュールを検出するには、各登録済み認証モジュールを呼び出します。
	Equals	オーバーロードされます。 2 つの Object インスタンスが等しいかどうかを判断します。 (Object から継承されます。)
	GetHashCode	特定の型のハッシュ関数として機能します。GetHashCode は、ハッシュ アルゴリズムや、ハッシュ テーブルのようなデータ構造での使用に適しています。 (Object から継承されます。)
	GetType	現在のインスタンスの Type を取得します。 (Object から継承されます。)
	PreAuthenticate	要求の事前認証を行います。
	ReferenceEquals	指定した複数の Object インスタンスが同一かどうかを判断します。 (Object から継承されます。)
	Register	認証マネージャで認証モジュールを登録します。
	ToString	現在の Object を表す String を返します。 (Object から継承されます。)
	Unregister	オーバーロードされます。 登録済みモジュールの一覧から認証モジュールを削除します。

プロテクト メソッド

	名前	説明
	Finalize	Object がガベージ コレクションにより収集される前に、その Object がリソースを解放し、その他のクリーンアップ操作を実行できるようにします。 (Object から継承されます。)
	MemberwiseClone	現在の Object の簡易コピーを作成します。 (Object から継承されます。)

参照

関連項目

AuthenticationManager クラス
System.Net 名前空間