cURL / Mailing Lists / curl-library / Single Mail

curl-library

cUrl and challenge-response authentication (NTLM)

From: Yehezkel Horowitz <horowity_at_checkpoint.com>
Date: Mon, 2 Jan 2012 13:25:43 +0200

Hi

I wanted to ask if there is an option to ask curl to handle all the challenge-response of HTTP authentication internally.

The current situation is that the header callback is called with all the headers and just need to skip them till the end of headers is passed and only then to return 0 to libcurl to get the challenge answered automatically (this could happen 1 or 2 times even if libcurl is configured with the right authentication method).

I think such option could simplify the handling in the application that uses libcurl, since when the application will get 401 status code - this will be final response, not just part of the authentication phase.

Does anyone knows why the calling application even need to know about all this challenge-response negotiation (in other words, why not making this option as default)?

From my "user" point of view - there is no need to get all this information; all this could and should be handled internally inside libcurl, since the username and password needs to be configured in advance.

What do you think?

Yehezkel Horowitz
Check Point Software Technologies Ltd.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-01-02