HttpWebRequest.PreAuthenticate Property

Definition

Gets or sets a value that indicates whether to send an Authorization header with the request.

public:
 virtual property bool PreAuthenticate { bool get(); void set(bool value); };
public override bool PreAuthenticate { get; set; }
member this.PreAuthenticate : bool with get, set
Public Overrides Property PreAuthenticate As Boolean

Property Value

true to send an HTTP Authorization header with requests after authentication has taken place; otherwise, false. The default is false.

Remarks

After a client request to a specific Uri is successfully authenticated, if PreAuthenticate is true and credentials are supplied, the Authorization header is sent with each request to any Uri that matches the specific Uri up to the last forward slash. So if the client request successfully authenticated to a specific Uri that contains the following:

http://www.contoso.com/firstpath/

Then the Authorization header for preauthentication is sent with each request to any of the following Uri instances:

http://www.contoso.com/firstpath/

http://www.contoso.com/firstpath/default

http://www.contoso.com/firstpath/default.html

http://www.contoso.com/firstpath/sample.html

However, the Authorization header is not sent with requests to any of the following Uri instances:

http://www.contoso.com/

http://www.contoso.com/firstpath

http://www.contoso.com/secondpath/

http://www.contoso.com/firstpath/thirdpath/

If the client request to a specific Uri is not successfully authenticated, the request uses standard authentication procedures.

With the exception of the first request, the PreAuthenticate property indicates whether to send authentication information with subsequent requests to a Uri that matches the specific Uri up to the last forward slash without waiting to be challenged by the server.

The following dialog between client and server illustrates the effect of this property. The dialog assumes that basic authentication is in use.

PreAuthenticate is false:

Client: GET someUrl

Server: 401 WWW-Authenticate Basic

Client: GET with Authorization headers

Server: 200 OK

Client: GET someUrl

Server: 401 WWW-Authenticate Basic

Client: GET with Authorization headers

Server: 200 OK

PreAuthenticate is true:

Client: GET someUrl

Server: 401 WWW-Authenticate Basic

Client: GET with Authorization headers

Server: 200 OK

Client: GET someUrl with Authorization headers

If the authentication scheme does not support preauthentication, the value of this property is ignored.

Applies to