C# ASP.NET Core 2.1 Linux NTLM Apache 2.2 - Get username?
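We are new to .NET Core. We have an ASP.NET Core 2.1 application that is hosted by our system administration team on a Linux server behind an Apache 2.2 proxy. Users launch our application URL in the browser, and the Apache proxy receives the request and forwards it to the application on the Linux server.
Everything works fine, and we are able to do continuous development and deployment ourselves. Now we have started securing our application, and our company decided to add Windows authentication to it. After the system administration team finished their work, we started getting the key values below in the request header.
We are trying to write C# code in our ASP.NET Core 2.1 application to get the username. We feel that the value of Key: Authorization is encrypted and has the username in it. We tried many ways to decrypt it but could not decrypt it.
Can someone help and let us know how to get the username in this case?
Please see below the code I am trying.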
// Only read the header when it is actually present.
if (Request.Headers.ContainsKey("Authorization"))
{
    string cookieValue = Request.Headers["Authorization"];
    cookieValue = cookieValue.Substring("NTLM ".Length).Trim();
    UTF8Encoding specialUtf8Encoding = new UTF8Encoding(false, true);
    // below code do not work. How to get plain text ?
    //byte[] protectedBytes = Base64UrlTextEncoder.Decode(cookieValue);
    //string plainText = System.Text.ASCIIEncoding.ASCII.GetString(protectedBytes);
}
Below is what we see in the request header keys and values.
Key: Cache-Control, Value=max-age=0
Key: Connection, Value=Keep-Alive
Key: Accept, Value=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng
Key: Accept-Encoding, Value=gzip, deflate, br
Key: Accept-Language, Value=en-US,en;q=0.9
Key: Authorization, Value=NTLM TlRMTVNTUAADAAAAGAAYAIAAAABUAVQBmAAAAAwADABYAAAACAAIAGQAAAAUABQAbAAAAAAAAADsAQAABYKIogoA7kIAAAAPNSOWmAbXlPi5fhYGSO54RVAATQBBAF8ATgBCAHAAYwBhAG8AQQBOAFAAWABEAFcAVAAxADYANgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhmacrZwRfdlIkhEBBfdWjAQEAAAAAAACNce03PTXWAcU/7pwxmsPkAAAAAAIADABQAE0AQQBfAE4AQgABABAAQQBOAFQAVgBQAFcAUwAxAAQAJgBhAG0AZgAuAHAAYQBjAGkAZgBpAGMAbABpAGYAZQAuAG4A
Key: Cookie, Value=.AspNetCore.Antiforgery.Xf_oDoHBPRA=CfDJ8LQZvjci-adCv0t9XQ2PRfiQ6oFCKJDXb8Xe8d7Gd6wOtJc97d7fVTEUt8xrxjk9XYfqmyeGyO7iLAbWLKRTGPUVo9v2_zoRnCqVSrADnZPhBToSzxuoLf9u2QNcFTvkbYEOaNvphVotB4saPlb_osw
Key: Host, Value=dev.myweb.net:4443
Key: User-Agent, Value=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Key: Upgrade-Insecure-Requests, Value=1
Key: Sec-Fetch-Site, Value=none
Key: Sec-Fetch-Mode, Value=navigate
Key: Sec-Fetch-User, Value=?1
Key: Sec-Fetch-Dest, Value=document
Key: site, Value=dev.myweb.net
Key: port, Value=443
Key: X-Forwarded-For, Value=11.123.13.456
Key: X-Forwarded-Host, Value=dev.myweb.net:4443
Key: X-Forwarded-Server, Value=dev.myweb.net
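I am only a developer, not a system administrator. After a lot of reading and research, I was able to solve this problem. First, I narrowed it down to the Apache server version: the solutions I had tried were for Apache 2.4, but ours is Apache 2.2.
In the Apache 2.2 server, we used the following configuration.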
<LocationMatch ^/mylocation>
AuthName "NTLM Authentication"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
NTLMBasicRealm xxx_yy
AuthType NTLM
require valid-user
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Remote-User %{RU}e
</LocationMatch>
In our C# ASP.NET Core 2.1 application we get the following in the HTTP request header for both HTTP and HTTPS calls.
Key: Cache-Control, Value=max-age=0
Key: Connection, Value=Keep-Alive
Key: Accept, Value=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng
Key: Accept-Encoding, Value=gzip, deflate, br
Key: Accept-Language, Value=en-US,en;q=0.9
Key: Authorization, Value=NTLM TlRMTVNTUAADAAAAGAAYAIAAAABUAVQBmAAAAAwADABYAAAACAAIAGQAAAAUABQAbAAAAAAAAADsAQAABYKIogoA7kIAAAAPNSOWmAbXlPi5fhYGSO54RVAATQBBAF8ATgBCAHAAYwBhAG8AQQBOAFAAWABEAFcAVAAxADYANgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhmacrZwRfdlIkhEBBfdWjAQEAAAAAAACNce03PTXWAcU/7pwxmsPkAAAAAAIADABQAE0AQQBfAE4AQgABABAAQQBOAFQAVgBQAFcAUwAxAAQAJgBhAG0AZgAuAHAAYQBjAGkAZgBpAGMAbABpAGYAZQAuAG4A
Key: Cookie, Value=.AspNetCore.Antiforgery.Xf_oDoHBPRA=CfDJ8LQZvjci-adCv0t9XQ2PRfiQ6oFCKJDXb8Xe8d7Gd6wOtJc97d7fVTEUt8xrxjk9XYfqmyeGyO7iLAbWLKRTGPUVo9v2_zoRnCqVSrADnZPhBToSzxuoLf9u2QNcFTvkbYEOaNvphVotB4saPlb_osw
Key: Host, Value=dev.myweb.net:4443
Key: User-Agent, Value=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Key: Upgrade-Insecure-Requests, Value=1
Key: Sec-Fetch-Site, Value=none
Key: Sec-Fetch-Mode, Value=navigate
Key: Sec-Fetch-User, Value=?1
Key: Sec-Fetch-Dest, Value=document
Key: site, Value=dev.myweb.net
Key: port, Value=443
Key: X-Forwarded-For, Value=11.123.13.456
Key: X-Forwarded-Host, Value=dev.myweb.net:4443
Key: X-Forwarded-Server, Value=dev.myweb.net
Key: X-Remote-User, Value=xxx_yy\abcdefg
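What the Authorization value in the dumps above contains, as an added example that is not part of the original question or answer: the text after "NTLM " is a standard Base64-encoded NTLMSSP Type 3 message, not ciphertext, and its domain and user fields are readable but only client-asserted, so identity should still come from the X-Remote-User header that Apache sets after ntlm_auth has validated the response. The class and method names are hypothetical and the sample message is constructed.

```csharp
using System;
using System.Text;

// Added example, not the poster's code: decodes the name fields of an NTLM Type 3
// (AUTHENTICATE) message. The values are client-supplied and unverified.
static class NtlmType3
{
    static int U16(byte[] b, int p) => b[p] | (b[p + 1] << 8);
    static long U32(byte[] b, int p) => U16(b, p) + ((long)U16(b, p + 2) << 16);

    // Resolves the (length, maxLength, offset) descriptor at 'pos'; null if it points outside msg.
    static string Field(byte[] msg, int pos, Encoding enc)
    {
        int len = U16(msg, pos);
        long off = U32(msg, pos + 4);
        return off + len > msg.Length ? null : enc.GetString(msg, (int)off, len);
    }

    public static bool TryParse(string header, out string domain, out string user)
    {
        domain = user = null;
        if (header == null || !header.StartsWith("NTLM ", StringComparison.OrdinalIgnoreCase)) return false;
        byte[] msg;
        try { msg = Convert.FromBase64String(header.Substring(5).Trim()); } // standard Base64, not Base64Url
        catch (FormatException) { return false; }
        // "NTLMSSP\0", little-endian type 3, then fixed descriptors up to the flags at byte 60.
        if (msg.Length < 64 || Encoding.ASCII.GetString(msg, 0, 8) != "NTLMSSP\0" || U32(msg, 8) != 3) return false;
        // Flag bit 0 = Unicode (UTF-16LE) strings; otherwise an OEM code page, approximated as ASCII here.
        Encoding enc = (U32(msg, 60) & 1) != 0 ? Encoding.Unicode : Encoding.ASCII;
        domain = Field(msg, 28, enc);
        user = Field(msg, 36, enc);
        return domain != null && user != null;
    }

    static void Main()
    {
        // Constructed sample: a minimal Type 3 header for domain "EXAMPLE", user "alice".
        byte[] d = Encoding.Unicode.GetBytes("EXAMPLE"), u = Encoding.Unicode.GetBytes("alice");
        var msg = new byte[64 + d.Length + u.Length];
        Encoding.ASCII.GetBytes("NTLMSSP\0").CopyTo(msg, 0);
        msg[8] = 3; msg[60] = 1; // message type 3, Unicode flag
        // Each descriptor is length, maxLength, payload offset.
        msg[28] = msg[30] = (byte)d.Length; msg[32] = 64; d.CopyTo(msg, 64);
        msg[36] = msg[38] = (byte)u.Length; msg[40] = (byte)(64 + d.Length); u.CopyTo(msg, 64 + d.Length);
        bool ok = TryParse("NTLM " + Convert.ToBase64String(msg), out var dom, out var usr);
        Console.WriteLine(ok ? dom + "\\" + usr : "not an NTLM Type 3 message");
    }
}
```

Because X-Remote-User is an ordinary request header, it is only trustworthy when clients cannot reach the application without passing through the Apache proxy that sets it.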