我们正在使用 HttpClient 联系 REST 服务,我们知道这需要 NTLM 或协商授权。
问题是 HttpClient 将首先在没有授权的情况下联系服务(这称为挑战-响应吗?)。客户端以 401 被服务器拒绝,然后客户端才会使用 Authorization 标头向服务器发送请求。
我们可以通过在第一个请求中添加 Authorization 标头来避免这种往返吗?
我们正在创建这样的http-client(问题与“NTLM”和“Negotiate”相同):
public Rest.IRestClient Create()
{
var credentials = new CredentialCache { { _uri, "NTLM", CredentialCache.DefaultNetworkCredentials } };
#if NETCOREAPP2_2
var handler = new SocketsHttpHandler { Credentials = credentials, MaxConnectionsPerServer = 100, UseProxy = false };
#elif NET461
var handler = new WebRequestHandler { Credentials = credentials, UnsafeAuthenticatedConnectionSharing = true, MaxConnectionsPerServer = 100, UseProxy = false };
#endif
var httpClient = new HttpClient(handler) { BaseAddress = _uri, Timeout = _timeout };
httpClient.DefaultRequestHeaders.ConnectionClose = false;
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue(HostMediaTypeTranslator.GetMediaType(_hostMediaType)));
if (_defaultRequestHeaders != null)
{
foreach (var header in _defaultRequestHeaders)
httpClient.DefaultRequestHeaders.Add(header.Name, header.Value);
}
ServicePointManager.FindServicePoint(_uri).ConnectionLeaseTimeout = 120 * 1000; // Close connection after two minutes
return new Rest.RestClient(httpClient, _hostMediaType);
}
是否可以只创建我们自己的 NTLM 或 Kerberos 令牌并将其作为标头添加到 http-request?