IntranetZoneCredentialPolicy.ShouldSendCredential Method (Uri, WebRequest, NetworkCredential, IAuthenticationModule)


Returns a Boolean that indicates whether the client's credentials are sent with a request for a resource that was made using WebRequest.

Namespace:   Microsoft.Win32
Assembly:  System (in System.dll)

public virtual bool ShouldSendCredential(
	Uri challengeUri,
	WebRequest request,
	NetworkCredential credential,
	IAuthenticationModule authModule


Type: System.Uri

The Uri that will receive the request.

Type: System.Net.WebRequest

The WebRequest that represents the resource being requested.

Type: System.Net.NetworkCredential

The NetworkCredential that will be sent with the request if this method returns true.

Type: System.Net.IAuthenticationModule

The IAuthenticationModule that will conduct the authentication, if authentication is required.

Return Value

Type: System.Boolean

true if the requested resource is in the same domain as the client making the request; otherwise, false.

Applications do not call this method directly; it is called by the IAuthenticationModule that is responsible for performing authentication with the server. If this method returns false, the IAuthenticationModule will not authenticate the client to the server.

This method is called only for requests that specify credentials or use a WebProxy object that specifies credentials.

The following code example demonstrates deriving from IntranetZoneCredentialPolicy to allow credentials to be sent for requests that use Secure Hypertext Transfer Protocol (HTTPS) with basic authentication. Using HTTPS and basic authentication, the user password is encrypted before being sent over the network.

// The following class allows credentials to be sent if they are for requests for resources
// in the same domain, or if the request uses the HTTPSscheme and basic authentication is 
// required.

       public class HttpsBasicCredentialPolicy: IntranetZoneCredentialPolicy
        public HttpsBasicCredentialPolicy()

        public override bool ShouldSendCredential(Uri challengeUri, 
            WebRequest request, 
            NetworkCredential credential, 
            IAuthenticationModule authModule)
            Console.WriteLine("Checking custom credential policy for HTTPS and basic.");
            bool answer = base.ShouldSendCredential(challengeUri, request, credential, authModule);

            if (answer == true)
                Console.WriteLine("Sending credential for intranet resource.");
                return answer;
            // Determine whether the base implementation returned false for basic and HTTPS.
            if (request.RequestUri.Scheme == Uri.UriSchemeHttps &&
                authModule.AuthenticationType == "Basic")
                Console.WriteLine("Sending credential for HTTPS and basic.");
                return true;
            return false;

.NET Framework
Available since 2.0
Return to top