cURL / Mailing Lists / curl-users / Single Mail

curl-users

kerberos

From: Stephen Ince <since_at_opendemand.com>
Date: Wed, 4 Jun 2008 17:09:27 -0400

I am little confused as to how kerberos works in libcurl.

1) I don't see how username/password is conducted in http_negotiate.c?
According to the rfc
(http://meta.cesnet.cz/cms/opencms/en/docs/software/devel/draft-brezak-spnego-http-04.txt)

step1
C: GET dir/index.html

S: HTTP/1.1 401 Unauthorized
S: WWW-Authenticate: Negotiate

step2.
C: GET dir/index.html
C: Authorization: Negotiate a87421000492aa874209af8bc028

S: HTTP/1.1 401 Unauthorized
S: WWW-Authenticate: Negotiate 749efa7b23409c20b92356

step3.
C: GET dir/index.html
C: Authorization: Negotiate 89a8742aa8729a8b028

S: HTTP/1.1 200 Success
S: WWW-Authenticate: Negotiate ade0234568a4209af8bc0280289eca

I thought libcurl passed on the username/password to kdc server and get's a
ticket in step2 via gss_init_sec_context() call. When is the
username/password passed. It is to done via a NTLM.

Steve
Received on 2008-06-04

This message: [ Message body ]
Next message: Peter Jenkins: "Curl returns no data"
Previous message: Daniel Stenberg: "ANNOUNCE: curl and libcurl 7.18.2!"
Next in thread: Daniel Stenberg: "Re: kerberos"
Reply: Daniel Stenberg: "Re: kerberos"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]