Review Request 126991: Try multiple authentication methods in case of failures

David Faure faure at kde.org
Sat Feb 6 10:04:05 UTC 2016 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126991/#review92112
-----------------------------------------------------------




src/ioslaves/http/http.cpp (line 5413)
<https://git.reviewboard.kde.org/r/126991/#comment62842>

    qCDebug(KIO_HTTP)



src/ioslaves/http/http.cpp (line 5435)
<https://git.reviewboard.kde.org/r/126991/#comment62843>

    .at(0) to avould a detach.
    
    Also, what if the auth token is empty? Can split() return an empty list then, and this would go out of bounds? In general, building a list just to get the first item is a bit wasteful, this could be done with something like left(indexOf(' ')) -- well, depending on how you want this to behave if there is no space in the auth token; my suggestion would lead to an empty string while your current code would take the whole string.



src/ioslaves/http/http.cpp (line 5521)
<https://git.reviewboard.kde.org/r/126991/#comment62844>

    (*auth)->scheme().trimmed() is repeated, I would use a local var


- David Faure


On Feb. 5, 2016, 11:56 a.m., Krzysztof Nowicki wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/126991/
> -----------------------------------------------------------
> 
> (Updated Feb. 5, 2016, 11:56 a.m.)
> 
> 
> Review request for KDE Frameworks and Dawit Alemayehu.
> 
> 
> Repository: kio
> 
> 
> Description
> -------
> 
> When authenticating agains a server offering multiple authentication methods make sure to attempt other methods in case the best one fails.
>     
> This also fixes a connection close issue in the middle of an NTLM authentication dialog due to clearing the password.
> 
> 
> Diffs
> -----
> 
>   src/ioslaves/http/http.h 621b2c7a957b9bc9cc14ff13ed3c3a72dec38190 
>   src/ioslaves/http/http.cpp a84129f1403cbf8b0f86f9fd0354bec90ac5fd39 
> 
> Diff: https://git.reviewboard.kde.org/r/126991/diff/
> 
> 
> Testing
> -------
> 
> I have performed testing on an IIS 7.5 server which offered 3 authentication options: Negotiate, NTLM and Basic. Since I have Kerberos configured the original code would only try Negotiate and because it failed it would retry it endlessly. With this patch authentication correctly falls back to NTLM or Basic (if NTLM fails too).
> 
> 
> Thanks,
> 
> Krzysztof Nowicki
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160206/45e5f66f/attachment.html>

More information about the Kde-frameworks-devel mailing list