Re: Authentication Enhancements
- From: Dan Winship <danw gnome org>
- To: Matthew Metnetsky <met uberstats com>
- Cc: libsoup-list gnome org
- Subject: Re: Authentication Enhancements
- Date: Thu, 03 Jan 2013 10:15:52 -0500
On 12/17/2012 04:54 PM, Matthew Metnetsky wrote:
> All,
Hey. Sorry for the delay... holidays, etc...
> I'm looking into adding Windows support for NTLM/Negotiate and was
> hoping to receive some general guidance so that its done in a way that
> honors your existing goals and design.
Cool. You might want to look at
https://bugzilla.gnome.org/show_bug.cgi?id=587145, which is about adding
Negotiate support on Linux, which is vaguely related...
I actually did a bunch of hacking on this at the WebKitGTK+ Hackfest
last month, and over Christmas/New Year's vacation, so you should check
at the latest git master; a bunch of stuff has moved around (hopefully
in ways that will help you).
> With that said, the current NTLM support built on-top of Samba tries to
> grab the username from the environment, which doesn't seem as versatile
> as it should be. I would like to start by having a way to send
> user[/pass] down through the objects. However, the only way I see to go
> about setting the "Authorization" header is either explicitly, or
> through the "authenticate" signal. The former requires redundant code,
> whereas the latter is reactionary.
You can also pass a username and password in via the request-URI. Eg:
msg = soup_message_new ("GET",
"http://alice:sEcReT example com/test.html");
soup_session_send_message (session, msg);
...
though it's possible that doesn't currently work right with NTLM, or
with NTLM-if-you're-using-samba...
> I noticed the `soup_message_[get|set]_auth` functions which will set
> "Authorization", but they're private. Is there a harm to making these
> methods public or should "Authorization" be handled purely on
> SoupSession? If so, how?
So, actually, part of the new stuff I just committed is a function
soup_auth_manager_use_auth(), which should let you do:
auth_manager = SOUP_AUTH_MANAGER (soup_session_get_feature_by_type
(session, SOUP_TYPE_AUTH_MANAGER));
uri = soup_uri_new ("http://example.com/test.html";);
auth = g_object_new (SOUP_TYPE_AUTH_NTLM, NULL);
soup_auth_authenticate (auth, "alice", "sEcReT");
soup_auth_manager_use_auth (auth_manager, uri, auth);
g_object_unref (auth);
soup_uri_free (uri);
(though, as above, it's possible that this doesn't quite work yet. But
that would be a bug, and we could fix it).
-- Dan
[Date Prev][
Date Next] [Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
