How does NetworkCredential in C# works when assigned to a HttpRequest object?
Question
I want to know how NetworkCredentials are passed over an http request. Do they get passed as HTTPHeaders, RequestData or there is something else that carries the information.
I tried creating a sample app and checked the fiddler logs. I don't see it being added as HTTPHeader so what carries that information.
Here is the sample code I tried:
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://gmail.com");
request.Method = "GET";
request.ContentType = "application/json";
request.UserAgent = "Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0";
request.Credentials = new NetworkCredential("TestUser", "Password-1");
1 answers
solution1
0 2017-05-02 13:54:20
From the following MSDN page;
Supported authentication schemes include Digest, Negotiate, Kerberos, NTLM, and Basic. https://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.credentials(v=vs.110).aspx
So it will depend, usually I guess it will pick the most secure and available method... However it also says;
To restrict HttpWebRequest to one or more authentication methods, use the CredentialCache class and bind your credentials to one or more authentication schemes
So if you wished it to be used as headers I suppose you could restrict it to only using Basic authentication using the CredentialCache object;
https://msdn.microsoft.com/en-us/library/system.net.credentialcache(v=vs.110).aspx
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.