axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dinesh Weerapurage (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AXIS2C-1370) Axis should support libcurl's other auth types (not just basic)
Date Tue, 19 Feb 2013 03:25:12 GMT

    [ https://issues.apache.org/jira/browse/AXIS2C-1370?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13580988#comment-13580988
] 

Dinesh Weerapurage commented on AXIS2C-1370:
--------------------------------------------

Hi Alex, I have started working on this long due patch. However samples seem not to work after
applying this patch. Could you test the patch which was submitted on Dec 21, 2012 for me please?

                
> Axis should support libcurl's other auth types (not just basic)
> ---------------------------------------------------------------
>
>                 Key: AXIS2C-1370
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1370
>             Project: Axis2-C
>          Issue Type: Improvement
>          Components: transport/http
>    Affects Versions: 1.6.0
>            Reporter: Incarnadine
>            Assignee: Dinesh Weerapurage
>             Fix For: Next Version
>
>         Attachments: axis2c-1370.diff, axis2c_libcurl_auth.patch, axis2c_libcurl_auth_v3.patch,
axis2_libcurl.c.diff, options.c.diff
>
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> Looking over axis2_libcurl_set_auth_options() I see it only allows basic auth.
> if (auth_type && 
>         0 == axutil_strcmp(auth_type, AXIS2_HTTP_AUTH_TYPE_BASIC))
>     {
>         curl_easy_setopt(handler, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
>     }
> else
>     {
>         /* Uses anonymous connection.*/
>     }
> If new schemes can be enabled as easily as mapping Axis options to Libcurl, this would
appear to be an easy fix. Other supported values to be mapped include:
> CURLAUTH_BASIC 
> HTTP Basic authentication. This is the default choice, and the only method that is in
wide-spread use and supported virtually everywhere. This is sending the user name and password
over the network in plain text, easily captured by others. 
> CURLAUTH_DIGEST 
> HTTP Digest authentication. Digest authentication is defined in RFC2617 and is a more
secure way to do authentication over public networks than the regular old-fashioned Basic
method. 
> CURLAUTH_GSSNEGOTIATE 
> HTTP GSS-Negotiate authentication. The GSS-Negotiate (also known as plain "Negotiate")
method was designed by Microsoft and is used in their web applications. It is primarily meant
as a support for Kerberos5 authentication but may be also used along with another authentication
methods. For more information see IETF draft draft-brezak-spnego-http-04.txt. 
> You need to build libcurl with a suitable GSS-API library for this to work. 
> CURLAUTH_NTLM 
> HTTP NTLM authentication. A proprietary protocol invented and used by Microsoft. It uses
a challenge-response and hash concept similar to Digest, to prevent the password from being
eavesdropped. 
> You need to build libcurl with OpenSSL support for this option to work, or build libcurl
on Windows. 
> CURLAUTH_ANY 
> This is a convenience macro that sets all bits and thus makes libcurl pick any it finds
suitable. libcurl will automatically select the one it finds most secure. 
> CURLAUTH_ANYSAFE 
> This is a convenience macro that sets all bits except Basic and thus makes libcurl pick
any it finds suitable. libcurl will automatically select the one it finds most secure. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org


Mime
View raw message