cURL
Haxx ad
libcurl

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-users Mailing List Archives

kerberos

From: Stephen Ince <since_at_opendemand.com>
Date: Wed, 4 Jun 2008 17:09:27 -0400

I am little confused as to how kerberos works in libcurl.

1) I don't see how username/password is conducted in http_negotiate.c?
According to the rfc
(http://meta.cesnet.cz/cms/opencms/en/docs/software/devel/draft-brezak-spnego-http-04.txt)

step1
        C: GET dir/index.html

        S: HTTP/1.1 401 Unauthorized
        S: WWW-Authenticate: Negotiate

step2.
        C: GET dir/index.html
        C: Authorization: Negotiate a87421000492aa874209af8bc028

        S: HTTP/1.1 401 Unauthorized
        S: WWW-Authenticate: Negotiate 749efa7b23409c20b92356

step3.
        C: GET dir/index.html
        C: Authorization: Negotiate 89a8742aa8729a8b028

        S: HTTP/1.1 200 Success
        S: WWW-Authenticate: Negotiate ade0234568a4209af8bc0280289eca

I thought libcurl passed on the username/password to kdc server and get's a
ticket in step2 via gss_init_sec_context() call. When is the
username/password passed. It is to done via a NTLM.

Steve
Received on 2008-06-04

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET