IntranetZoneCredentialPolicy.ShouldSendCredential Method

Reference

Definition

Namespace:: Microsoft.Win32

Assembly:: System.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Returns a Boolean that indicates whether the client's credentials are sent with a request for a resource that was made using WebRequest.

public:
 virtual bool ShouldSendCredential(Uri ^ challengeUri, System::Net::WebRequest ^ request, System::Net::NetworkCredential ^ credential, System::Net::IAuthenticationModule ^ authModule);

public virtual bool ShouldSendCredential (Uri challengeUri, System.Net.WebRequest request, System.Net.NetworkCredential credential, System.Net.IAuthenticationModule authModule);

abstract member ShouldSendCredential : Uri * System.Net.WebRequest * System.Net.NetworkCredential * System.Net.IAuthenticationModule -> bool
override this.ShouldSendCredential : Uri * System.Net.WebRequest * System.Net.NetworkCredential * System.Net.IAuthenticationModule -> bool

Public Overridable Function ShouldSendCredential (challengeUri As Uri, request As WebRequest, credential As NetworkCredential, authModule As IAuthenticationModule) As Boolean

Parameters

challengeUri: Uri

The Uri that will receive the request.

request: WebRequest

The WebRequest that represents the resource being requested.

credential: NetworkCredential

The NetworkCredential that will be sent with the request if this method returns true.

authModule: IAuthenticationModule

The IAuthenticationModule that will conduct the authentication, if authentication is required.

Returns

Boolean

true if the requested resource is in the same domain as the client making the request; otherwise, false.

Implements

ShouldSendCredential(Uri, WebRequest, NetworkCredential, IAuthenticationModule)

Examples

The following code example demonstrates deriving from IntranetZoneCredentialPolicy to allow credentials to be sent for requests that use Secure Hypertext Transfer Protocol (HTTPS) with basic authentication. Using HTTPS and basic authentication, the user password is encrypted before being sent over the network.

// The following class allows credentials to be sent if they are for requests for resources
// in the same domain, or if the request uses the HTTPSscheme and basic authentication is 
// required.
public ref class HttpsBasicCredentialPolicy: public IntranetZoneCredentialPolicy
{
public:
   HttpsBasicCredentialPolicy(){}

   virtual bool ShouldSendCredential( Uri^ challengeUri, WebRequest^ request, NetworkCredential^ credential, IAuthenticationModule^ authModule ) override
   {
      Console::WriteLine( L"Checking custom credential policy for HTTPS and basic." );
      bool answer = IntranetZoneCredentialPolicy::ShouldSendCredential( challengeUri, request, credential, authModule );
      if ( answer == true )
      {
         Console::WriteLine( L"Sending credential for intranet resource." );
         return answer;
      }

      // Determine whether the base implementation returned false for basic and HTTPS.
      if ( request->RequestUri->Scheme == Uri::UriSchemeHttps && authModule->AuthenticationType->Equals( L"Basic" ) )
      {
         Console::WriteLine( L"Sending credential for HTTPS and basic." );
         return true;
      }

      return false;
   }
};

// The following class allows credentials to be sent if they are for requests for resources
// in the same domain, or if the request uses the HTTPSscheme and basic authentication is
// required.

       public class HttpsBasicCredentialPolicy: IntranetZoneCredentialPolicy
    {
        public HttpsBasicCredentialPolicy()
        {
        }

        public override bool ShouldSendCredential(Uri challengeUri,
            WebRequest request,
            NetworkCredential credential,
            IAuthenticationModule authModule)
        {
            Console.WriteLine("Checking custom credential policy for HTTPS and basic.");
            bool answer = base.ShouldSendCredential(challengeUri, request, credential, authModule);

            if (answer == true)
            {
                Console.WriteLine("Sending credential for intranet resource.");
                return answer;
            }
            // Determine whether the base implementation returned false for basic and HTTPS.
            if (request.RequestUri.Scheme == Uri.UriSchemeHttps &&
                authModule.AuthenticationType == "Basic")
            {
                Console.WriteLine("Sending credential for HTTPS and basic.");
                return true;
            }
            return false;
        }
    }

Remarks

Applications do not call this method directly; it is called by the IAuthenticationModule that is responsible for performing authentication with the server. If this method returns false, the IAuthenticationModule will not authenticate the client to the server.

This method is called only for requests that specify credentials or use a WebProxy object that specifies credentials.

Applies to