AuthenticationManager::CredentialPolicy Property


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Gets or sets the credential policy to be used for resource requests made using the HttpWebRequest class.

Namespace:   System.Net
Assembly:  System (in System.dll)

property ICredentialPolicy^ CredentialPolicy {
	static ICredentialPolicy^ get();
	static void set(ICredentialPolicy^ value);

Property Value

Type: System.Net::ICredentialPolicy^

An object that implements the ICredentialPolicy interface that determines whether credentials are sent with requests. The default value is null.

The credential policy determines whether to send credentials when sending a request for a network resource, such as the content of a Web page. If credentials are sent, servers that require client authentication can attempt to authenticate the client when the request is received instead of sending a response indicating that the client's credentials are required. While this saves a round trip to the server, this must be balanced against the security risk inherent in sending credentials across the network. When the destination server does not require client authentication it is best to not send credentials.

The credential policy will be called only for requests that specify credentials or use a WebProxy object that specifies credentials.

The following code example demonstrates setting the credential policy.

static void UseIntranetCredentialPolicy()
   IntranetZoneCredentialPolicy^ policy = gcnew IntranetZoneCredentialPolicy;
   AuthenticationManager::CredentialPolicy = policy;

.NET Framework
Available since 2.0
Return to top