Networking System [00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 ] 1.0.x.x 1.0.5000.0 2.0.0.0 4.0.0.0 All public static members of this type are safe for multithreaded operations. No instance members are guaranteed to be thread safe. System.Object is a static class that manages the authentication modules that an application uses. When a request is made to protected resources, the calls the method to get an instance to use in subsequent requests. The queries each registered authentication module by calling the method for each module. The first authentication module to return an instance is used to authenticate the request. Modules that provide the basic, digest, negotiate, NTLM, and Kerberos authentication types are registered with the by default. Additional authentication modules that implement the interface can be added using the method. Authentication modules are called in the order in which they were added to the list. The Kerberos and negotiate authentication type is not supported on Windows 95/98 or Windows NT 4.0.

Manages the authentication modules called during the client authentication process.

Method 1.0.5000.0 2.0.0.0 4.0.0.0 System.Net.Authorization , , or is . The method calls the method on each registered authentication module until one of the module responds with an instance. The first instance returned is used to authenticate the request. If no authentication module can authenticate the request, the method returns null. Authentication modules are called in the order in which they are registered with the .

Calls each registered authentication module to find the first module that can respond to the authentication request.

An instance of the class containing the result of the authorization attempt. If there is no authentication module to respond to the challenge, this method returns null. The challenge returned by the Internet resource. The that initiated the authentication challenge. The associated with this request. 0 Property 2.0.0.0 4.0.0.0 System.Net.ICredentialPolicy To be added. The credential policy determines whether to send credentials when sending a request for a network resource, such as the content of a Web page. If credentials are sent, servers that require client authentication can attempt to authenticate the client when the request is received instead of sending a response indicating that the client's credentials are required. While this saves a round trip to the server, this must be balanced against the security risk inherent in sending credentials across the network. When the destination server does not require client authentication it is best to not send credentials. The credential policy will be called only for requests that specify credentials or use a object that specifies credentials.

Gets or sets the credential policy to be used for resource requests made using the class.

Property 2.0.0.0 4.0.0.0 System.MonoTODO System.Collections.Specialized.StringDictionary To be added. An SPN is a name by which a client uniquely identifies an instance of a service or application on a server for purposes of mutual authentication. Mutual authentication is requested by default, and you can require it by setting to in your request. When a requires mutual authentication, the SPN for the destination must be supplied by the client. If you know the SPN, you can add it to the before sending the request. If you have not added SPN information to this dictionary, the uses the method to compose the most likely SPN; however, this is a computed value and might be incorrect. If mutual authentication is attempted and fails, you can check the dictionary to determine the computed SPN. No SPN is entered into the dictionary if the authentication protocol does not support mutual authentication. To add an SPN value to this dictionary, use the of the as the key. Internally, the key is truncated to include the , , and the if it is not the default port. Accessing the methods and properties of the requires unrestricted . When Kerberos authentication is performed through a proxy, both the proxy and the ultimate host name need to be resolved to an SPN. The proxy name resolution is protected by a timeout. Resolution of the ultimate host name to a SPN requires a DNS lookup, and there is no timeout associated directly with this operation. Therefore synchronous operations may take longer to timeout. To overcome this, add the ultimate host's URI prefix to the SPN cache prior to making requests to it. Version 3.5 SP1 now defaults to specifying the host name used in the request URL in the SPN in the NTLM (NT LAN Manager) authentication exchange when the property is not set. The host name used in the request URL may be different from the Host header specified in the in the client request. The host name used in the request URL may be different from the actual host name of the server, the machine name of the server, the computer's IP address, or the loopback address. In these cases, Windows will fail the authentication request. To address the issue, you may need to notify Windows that the host name used in the request URL in the client request ("contoso", for example) is actually an alternate name for the local computer.

Gets the dictionary that contains Service Principal Names (SPNs) that are used to identify hosts during Kerberos authentication for requests made using and its derived classes.

Method 1.0.5000.0 2.0.0.0 4.0.0.0 System.Net.Authorization is If the authentication module can preauthenticate the request, the method returns an Authentication instance and sends the authorization information to the server preemptively instead of waiting for the resource to issue a challenge. This behavior is outlined in section 3.3 of RFC 2617 (HTTP Authentication: Basic and Digest Access Authentication). Authentication modules that support preauthentication allow clients to improve server efficiency by avoiding extra round trips caused by authentication challenges. Authorization modules that can preauthenticate requests set the property to true.

Preauthenticates a request.

An instance of the class if the request can be preauthenticated; otherwise, null. If is null, this method returns null. A to an Internet resource. The associated with the request. 0 Method 1.0.5000.0 2.0.0.0 4.0.0.0 System.Void is . The method adds authentication modules to the end of the list of modules called by the method. Authentication modules are called in the order in which they were added to the list. If a module with the same is already registered, this method removes the registered module and adds to the end of the list.

Registers an authentication module with the authentication manager.

The to register with the authentication manager. 0 Property 1.0.5000.0 2.0.0.0 4.0.0.0 System.Collections.IEnumerator A that provides access to the list of registered authentication modules. The property provides an instance that enables the list of registered authentication modules to be read. The method adds modules to the list, and the method removes modules from it.

Gets a list of authentication modules that are registered with the authentication manager.

0 Method 1.0.5000.0 2.0.0.0 4.0.0.0 System.Void is . is not a registered authentication module. The method removes the specified authentication module from the list of authentication modules called by the method. The module must have been added to the list using the method before it can be removed from the list.

Removes the specified authentication module from the list of registered modules.

The to remove from the list of registered modules. 0 Method 1.0.5000.0 2.0.0.0 4.0.0.0 System.Void is . There is no registered module with the authentication type. The method removes the authentication module with the specified authentication scheme from the list of authentication modules called by the method. The module must have been added to the list using the method before it can be removed from the list.

Removes authentication modules with the specified authentication scheme from the list of registered modules.

The authentication scheme of the module to remove. 0 0