C# 带有凭据的 WebClient 访问页面
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11118712/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
WebClient accessing page with credentials
提问by mko
I am trying to access a webpage on a same domain / same asp.net application, that is password protected. Credentials are the same both for webpage firing this call and webpage being accessed.
我正在尝试访问同一个域/同一个 asp.net 应用程序上的网页,该应用程序受密码保护。触发此调用的网页和正在访问的网页的凭据相同。
Here is the code, and I don't know why I always end up with a login form html code?
这是代码,不知道为什么我总是以登录表单的html代码结束?
using (WebClient client = new WebClient())
{
client.QueryString.Add("ID", "1040"); //add parameters
//client.Credentials = CredentialCache.DefaultCredentials;
//I tried to add credentials like this
client.Credentials = new NetworkCredential("username", "password");
string htmlCode = client.DownloadString("http://domain.loc/testpage.aspx");
}
采纳答案by Darin Dimitrov
I suspect that the web page that you are trying to access uses Forms Authentication. This means that you will have to provide a valid authentication cookie if you want to be able to access protected resources. And in order to obtain a valid authentication cookie you will have to first authenticate yourself by sending a POST request to the LogOn page which emits the cookie. Once you retrieve the cookie you will be able to send it along on subsequent requests on protected resources. You should also note that out of the box WebClientdoesn't support cookies. For this reason you could write a custom cookie aware web client:
我怀疑您尝试访问的网页使用了表单身份验证。这意味着如果您希望能够访问受保护的资源,则必须提供有效的身份验证 cookie。为了获得有效的身份验证 cookie,您必须首先通过向发出 cookie 的登录页面发送 POST 请求来对自己进行身份验证。检索 cookie 后,您将能够在对受保护资源的后续请求中将其发送。您还应该注意,开箱即用WebClient不支持 cookie。出于这个原因,您可以编写一个自定义 cookie 感知 Web 客户端:
public class CookieAwareWebClient : WebClient
{
public CookieAwareWebClient()
{
CookieContainer = new CookieContainer();
}
public CookieContainer CookieContainer { get; private set; }
protected override WebRequest GetWebRequest(Uri address)
{
var request = (HttpWebRequest)base.GetWebRequest(address);
request.CookieContainer = CookieContainer;
return request;
}
}
Now you could use this client to fire off the 2 requests:
现在您可以使用此客户端来触发 2 个请求:
using (var client = new CookieAwareWebClient())
{
var values = new NameValueCollection
{
{ "username", "john" },
{ "password", "secret" },
};
client.UploadValues("http://domain.loc/logon.aspx", values);
// If the previous call succeeded we now have a valid authentication cookie
// so we could download the protected page
string result = client.DownloadString("http://domain.loc/testpage.aspx");
}
Obviously due to the ViewState crapiness of ASP.NET you might need to send a couple of other parameters along your logon request. Here's what you could do: authenticate in a web browser and look with FireBug the exact parameters and headers that need to be sent.
显然,由于 ASP.NET 的 ViewState 问题,您可能需要在登录请求中发送一些其他参数。您可以执行以下操作:在 Web 浏览器中进行身份验证并使用 FireBug 查看需要发送的确切参数和标头。
