curl-library
Re: problems using negotiate with sspi in 7.21.6 - 0001-fix-negotiate-sspi-problem-with-sequential-requests.patch (0/1)
Date: Mon, 16 May 2011 15:25:13 +0200 (CEST)
On Mon, 16 May 2011, Marcel Roelofs wrote:
> Attached you find a patch that fixes the problem (and changes the order of
> some initialization statements to make them appear somewhat more logical,
> now I had to read them back myself).

Thanks, applied now!

>>> 2) In every client-server request, it re-authenticates, is it by design?
>
> Interesting to see how different browsers deal with this:
> - Chrome and Firefox behave like curl: every subsequent request starts
> afresh, i.e. not using any knowledge that a subsequent request may also
> need negotiate authentication
> - IE already adds a Negotiate header if it knows that a particular
> path uses Negotiate authentication. This saves one round trip per
> request.

Right, and that's what libcurl does for other authentication methods. I'm
certainly not a Negotiate expert but I figure curl should be able to do this.

> NTLM remembers that a connection is already authenticated, and apparently
> doesn't need any additional authentication for subsequent requests on the
> same connection.

Correct. NTLM is an abomination and violates fundamental HTTP principles. Yet
it continues to exist and be used...

--
 / daniel.haxx.se

Received on 2011-05-16