HttpListener.UnsafeConnectionNtlmAuthentication 屬性

定義

取得或設定 Boolean 值,控制使用 NTLM 時,是否必須驗證其他使用相同傳輸控制通訊協定 (TCP) 連接的要求。Gets or sets a Boolean value that controls whether, when NTLM is used, additional requests using the same Transmission Control Protocol (TCP) connection are required to authenticate.

public:
 property bool UnsafeConnectionNtlmAuthentication { bool get(); void set(bool value); };
public bool UnsafeConnectionNtlmAuthentication { get; set; }
member this.UnsafeConnectionNtlmAuthentication : bool with get, set
Public Property UnsafeConnectionNtlmAuthentication As Boolean

屬性值

如果第一個要求的 IIdentity 將用於相同連接上的後續要求,則為 true;否則為 falsetrue if the IIdentity of the first request will be used for subsequent requests on the same connection; otherwise, false. 預設值為 falseThe default value is false.

例外狀況

此物件已關閉。This object has been closed.

範例

下列程式碼範例將示範如何設定這個屬性。The following code example demonstrates setting this property.

public static void SimpleListenerWithUnsafeAuthentication(string[] prefixes)
{
    // URI prefixes are required,
    // for example "http://contoso.com:8080/index/".
    if (prefixes == null || prefixes.Length == 0)
      throw new ArgumentException("prefixes");
    // Set up a listener.
    HttpListener listener = new HttpListener();
    foreach (string s in prefixes)
    {
        listener.Prefixes.Add(s);
    }
    listener.Start();
    // Specify Negotiate as the authentication scheme.
    listener.AuthenticationSchemes = AuthenticationSchemes.Negotiate;
    // If NTLM is used, we will allow multiple requests on the same
    // connection to use the authentication information of first request.
    // This improves performance but does reduce the security of your 
    // application. 
    listener.UnsafeConnectionNtlmAuthentication = true;
    // This listener does not want to receive exceptions 
    // that occur when sending the response to the client.
    listener.IgnoreWriteExceptions = true;
    Console.WriteLine("Listening...");
    // ... process requests here.

    listener.Close();
}
Public Shared Sub SimpleListenerWithUnsafeAuthentication(ByVal prefixes As String())
    ' URI prefixes are required,
    ' for example "http://contoso.com:8080/index/".
    If prefixes Is Nothing OrElse prefixes.Length = 0 Then Throw New ArgumentException("prefixes")
    ' Set up a listener.
    Dim listener As HttpListener = New HttpListener()

    For Each s As String In prefixes
        listener.Prefixes.Add(s)
    Next

    listener.Start()
    ' Specify Negotiate as the authentication scheme.
    listener.AuthenticationSchemes = AuthenticationSchemes.Negotiate
    ' If NTLM Is used, we will allow multiple requests on the same
    ' connection to use the authentication information of first request.
    ' This improves performance but does reduce the security of your 
    ' application. 
    listener.UnsafeConnectionNtlmAuthentication = True
    ' This listener does Not want to receive exceptions 
    ' that occur when sending the response to the client.
    listener.IgnoreWriteExceptions = True
    Console.WriteLine("Listening...")
    ' ... process requests here.

    listener.Close()
End Sub

備註

當此屬性設定為 true,且特定 TCP 連線上的第一個要求是使用 NTLM 進行驗證時,會使用初始要求的驗證資訊(IIdentity)處理相同 TCP 連線上的後續要求。When this property is set to true and the first request over a particular TCP connection is authenticated using NTLM, subsequent requests over the same TCP connection are processed using the authentication information (IIdentity) of the initial request.

當 NTLM 不是驗證通訊協定時,這個屬性不會有任何作用。This property has no effect when NTLM is not the authentication protocol. 當 Negotiate 指定為驗證通訊協定時,只有在 NTLM 是用於驗證的實際通訊協定時,此屬性才會生效。When Negotiate is specified as the authentication protocol, this property has an effect only if NTLM is the actual protocol used for authentication.

注意

將此屬性設定為 true 會提高效能,因為 HttpListener 不會傳送額外的 NTLM 驗證挑戰,所以不需要所有要求來提供驗證資訊,會有安全性風險。While setting this property to true increases performance because the HttpListener does not send additional NTLM authentication challenges, there is a security risk in not requiring all requests to provide authentication information. 您必須決定是否值得冒這個風險以提升效能。You must determine whether the increase in performance is worth this risk.

適用於