Review Request 126991: Try multiple authentication methods in case of failures

Andreas Hartmetz ahartmetz at gmail.com
Thu Mar 3 20:46:11 UTC 2016



> On March 3, 2016, 7:43 p.m., Andreas Hartmetz wrote:
> >
> 
> Andreas Hartmetz wrote:
>     OK, this looks good now overall. The comment about the indexOf() is of course about the whole truncating at space thing, not the particular line.
> 
> Krzysztof Nowicki wrote:
>     The idea of this line and the conditional behind it is to retrieve the auth method name. Sometimes this will be just the name keyword (for example: 'NTLM'), but sometimes this will be followed by some optional data (for ex. 'Basic realm="Some site"'). The `indexOf()` will return the index of the space in the latter case, in which the additional data along with the space needs to be removed. This is of cource not needed for the first case.
>     
>     I assume a short comment above the mentioned line would be sufficient?

Of course. Just something like "separate method name from additional auth info, e.g. nonce value" (or whatever else is a good example).


- Andreas


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126991/#review93120
-----------------------------------------------------------


On March 3, 2016, 11:40 a.m., Krzysztof Nowicki wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/126991/
> -----------------------------------------------------------
> 
> (Updated March 3, 2016, 11:40 a.m.)
> 
> 
> Review request for KDE Frameworks and Dawit Alemayehu.
> 
> 
> Repository: kio
> 
> 
> Description
> -------
> 
> When authenticating agains a server offering multiple authentication methods make sure to attempt other methods in case the best one fails.
>     
> This also fixes a connection close issue in the middle of an NTLM authentication dialog due to clearing the password.
> 
> 
> Diffs
> -----
> 
>   src/ioslaves/http/http.h 621b2c7a957b9bc9cc14ff13ed3c3a72dec38190 
>   src/ioslaves/http/http.cpp a84129f1403cbf8b0f86f9fd0354bec90ac5fd39 
> 
> Diff: https://git.reviewboard.kde.org/r/126991/diff/
> 
> 
> Testing
> -------
> 
> I have performed testing on an IIS 7.5 server which offered 3 authentication options: Negotiate, NTLM and Basic. Since I have Kerberos configured the original code would only try Negotiate and because it failed it would retry it endlessly. With this patch authentication correctly falls back to NTLM or Basic (if NTLM fails too).
> 
> 
> Thanks,
> 
> Krzysztof Nowicki
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160303/58ae7008/attachment.html>


More information about the Kde-frameworks-devel mailing list