On Thu, Oct 23, 2008 at 10:19:27PM +0200, Daniel Stenberg wrote:
> On Wed, 22 Oct 2008, Josef Wolf wrote:
>> int curl_get_credentials (char *user, char *passwd, /* return values */
>> const char *realm, const char *url,
>> int isproxy)
>
> You'd also want a custom user pointer (for passing on local contexts) and
> possibly a CURL *. I wonder if a auth type (Basic, Digest, NTLM etc) would
> be wanted as well.

"If you have a procedure with 10 parameters, you probably missed some."
- Alan J. Perlis

As many of those arguments as possible that can be turned into
curl_easy_getinfo options instead should probably be go that way instead.
I'm not completely convinced this callback is worth pursuing, though. Is
it really that difficult to do something like this pseudocode instead:

  curl_easy_perform
  while (CURLINFO_RESPONSE_CODE == 401) {
    realm = CURLINFO_AUTH_REALM
    url = CURLINFO_EFFECTIVE_URL
    ask_user_for_credentials(realm,url)
    CURLOPT_USERPWD
    CURLOPT_HTTPAUTH
    curl_easy_perform
  }

This callback would just move the while loop into the library while removing
some of the flexibility allowed the application with this method.

> But in my experience applications in general don't have general 40[17]
> response handlers. Most apps already know when they need auth and they
> already set the requested type(s) and they provide name and password. I
> think that's the primary reason why not more people have asked for support
> of something like this.

Agreed. The callback doesn't really make things much easier for the app
writer, in my opinion.

>>> Dan

-- 
http://www.MoveAnnouncer.com              The web change of address service
          Let webmasters know that your web site has moved