internal string GetComputeSpn(HttpWebRequest httpWebRequest)
{
if (ChallengedSpn != null)
return ChallengedSpn;
string spnKey = httpWebRequest.ChallengedUri.GetParts(UriComponents.Scheme | UriComponents.Host | UriComponents.Port | UriComponents.Path, UriFormat.SafeUnescaped);
string spn = AuthenticationManager.SpnDictionary.InternalGet(spnKey);
if (spn == null)
{
if (!IsProxyAuth && httpWebRequest.ServicePoint.InternalProxyServicePoint)
{
// Here the NT-Security folks need us to attempt a DNS lookup to figure out
// the FQDN. only do the lookup for short names (no IP addresses or DNS names)
//
// Initialize a backup value
spn = httpWebRequest.ChallengedUri.Host;
if (httpWebRequest.ChallengedUri.HostNameType!=UriHostNameType.IPv6 && httpWebRequest.ChallengedUri.HostNameType!=UriHostNameType.IPv4 && spn.IndexOf('.') == -1)
{
try {
spn = Dns.InternalGetHostByName(spn).HostName;
GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::GetComputeSpn() Dns returned host:" + ValidationHelper.ToString(spn));
}
catch (Exception exception) {
if (NclUtilities.IsFatal(exception)) throw;
GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::GetComputeSpn() GetHostByName(host) failed:" + ValidationHelper.ToString(exception));
}
}
}
else
{
spn = httpWebRequest.ServicePoint.Hostname;
}
spn = "HTTP/" + spn;
spnKey = httpWebRequest.ChallengedUri.GetParts(UriComponents.SchemeAndServer, UriFormat.SafeUnescaped) + "/";
AuthenticationManager.SpnDictionary.InternalSet(spnKey, spn);
}
return ChallengedSpn = spn;
}
//
