On Fri, 31 Oct 2014, Guru Prasad wrote:

>> Sure. Just don't use libcurl's built-in auth support and build your own
>> instead.
>
> Thanks, Daniel. How can I make libcurl not to use the built-in auth? Can
> this be just done by not calling curl_easy_setopt(CurlHandler,
> CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);?

Yes.

> or is there any other alternates?

No.

> Another question: If I had called this API already, and then, I want to
> disable this, how can this be achieved?

Set CURLOPT_HTTPAUTH to CURLAUTH_NONE

> If I have Authorization header constructed by my module, then, in order to
> use this Authorization header, should I be providing all the remaining
> headers like Accept, Host, etc. in CURLOPT_HTTPHEADER?

Yes. Although Accept and Host shouldn't have anything to do with
authentication... and normally you are better off letting libcurl set the
Host: header itself.

> One more question: If I am not using the libcurl built-in auth and I am
> using my own implementation, in this case, once 401 Unauthorized processing
> is done, I should be triggering the request again with the challenge
> response, right?

When you implement the entire thing yourself you must make sure all requests
are done with the necessary set of headers, yes. That would include responding
to 401 responses.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html