Defines a credential policy to be used for resource requests that are made using WebRequest and its derived classes.
Assembly: System (in System.dll)
Thetype exposes the following members.
|Equals(Object)||Determines whether the specified object is equal to the current object. (Inherited from Object.)|
|Finalize||Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)|
|GetHashCode||Serves as the default hash function. (Inherited from Object.)|
|GetType||Gets the Type of the current instance. (Inherited from Object.)|
|MemberwiseClone||Creates a shallow copy of the current Object. (Inherited from Object.)|
|ShouldSendCredential||Returns a Boolean that indicates whether the client's credentials are sent with a request for a resource that was made using WebRequest.|
|ToString||Returns a string that represents the current object. (Inherited from Object.)|
This policy allows credentials to be sent only if the requested resource is in the same domain as the client that is making the request. For many applications this is the optimal policy because it prevents network credentials from being sent with requests for resources that are not on the intranet.
ICredentialPolicy policies are invoked only if the WebRequest or the WebProxy that is associated with the request has credentials that are not null. Setting this policy has no effect on requests that do not specify credentials.
Use the AuthenticationManager.CredentialPolicy property to set the policy. The IAuthenticationModule that handles authentication for the request will invoke the ShouldSendCredential method before performing the authentication. If the requested resource is in a different domain than the client, the ShouldSendCredential method returns false, and authentication is not performed.
This policy affects all instances of WebRequest with non-null credentials in the current application domain. The policy cannot be overridden on individual requests.
The following code example demonstrates creating an instance of and using it to set the credential policy for the application domain.