Jamie Kurtze 在此处很好地解释了使用基本身份验证 ASP.NET Web API REST 安全基础

Jamie Kurtze provides a good explanation of using Basic Authentication here ASP.NET Web API REST Security Basics

据我所知，如果您希望您的请求是无状态的，那么每个请求都需要设置 Authentication 字段

From my understanding, if you want your requests to be stateless then each request will require the Authentication field to be set

Jamie Kurtze 将必要的代码包装在从 DelegateHandler 派生的类中，而 Rick Strahl 使用过滤器检查调用是否有效.您可以在他关于此主题的博客文章中阅读更多内容 WebAPI 基本身份验证授权过滤器

Jamie Kurtze wraps the necessary code in a class derived from DelegateHandler, while Rick Strahl checks if the call is valid using a Filter. You can read more at his blog post on this topic at A WebAPI Basic Authentication Authorization Filter