Overview
Examples
Screenshots
Comparisons
Applications
Download
Documentation
Tutorials
Bazaar
Status & Roadmap
FAQ
Authors & License
Forums
Funding Ultimate++
Search on this site
Search in forums












SourceForge.net Logo
Home » U++ Library support » U++ MT-multithreading and servers » HttpRequest : Add custon authentication capability
HttpRequest : Add custon authentication capability [message #46243] Fri, 01 April 2016 18:26 Go to previous message
omari is currently offline  omari
Messages: 265
Registered: March 2010
Experienced Member
Hi,

i im trying to use NTLM authentication with HttpRequest,

for NTLM, i note the following particularity:
- Use 3 "GET" request.
- Keep connection alive between at least the lasts tow request.
- Use DES encryption.

After analysis of the used authentication mechanism in HttpRequest, I propose the following patch:

1 - remove the member variable "force_diget" et "digest"
2 - add a new memerer variable String "autheticate_header"
3 - in the void HttpRequest::StartRequest(), replace :
	if(!IsNull(digest))
		data << "Authorization: Digest " << digest << "\r\n";
	else
	if(!force_digest && (!IsNull(username) || !IsNull(password)))
		data << "Authorization: Basic " << Base64Encode(username + ":" + password) << "\r\n";

by
	data << autheticate_header;


4 - change 401 error management, in void HttpRequest::Finish(), replace :
	if(status_code == 401 && !IsNull(username)) {
		String authenticate = header["www-authenticate"];
		if(authenticate.GetCount() && redirect_count++ < max_redirects) {
			LLOG("HTTP auth digest");
			Digest(CalculateDigest(authenticate));
			Start();
			return;
		}
	}


by

	if(status_code == 401) {
		
		String authenticate = header["www-authenticate"];
		if(authenticate.GetCount() && redirect_count++ < max_redirects) {
			if(!IsNull(username) || !IsNull(password)) {
			
				if(authenticate.StartsWith("Basic"))
				{
					autheticate_header = "Authorization: Basic " + Base64Encode(username + ":" + password)+ "\r\n";
				}
				else
				if(authenticate.StartsWith("Digest"))
				{
					LLOG("HTTP auth digest");
					autheticate_header = "Authorization: Digest " + CalculateDigest(authenticate) + "\r\n";
				}
				else
				{
					WhenAuthentication(*this);
				}
			}
			else {
				WhenAuthentication(*this);
			}
			
			if(keep_alive)
				StartRequest();
			else
				Start();

			return;
		}
	}



5 - WhenAuthentication is declared as: 
	Callback1<HttpRequest&>		WhenAuthentication;


6 - Add a mehode void ForceBasic(String user, String pw) 
	void ForceBasic(String user, String pw) {autheticate_header << "Authorization: Basic " << Base64Encode(user + ":" + pw) << "\r\n";}



with this patch, a custom Authentication function can be added :

void Autenticate(HttpRequest& http)
{
	String www_authenticate = http.GetHeader("www-authenticate");
	if(!www_authenticate.StartsWith("NTLM"))
	{
		return;
	}
	//...
}
...
HttpReqest r;
r.WhenAuthentication = callback(Autenticate);



regards
omari.

[Updated on: Sat, 09 April 2016 17:25]

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Multithread and INTERLOCK
Next Topic: [FIXED]HttpRequest hangs when Chunked response, without trailer, and KeepAlive is set. (patch & TC)
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sat Apr 27 15:18:12 CEST 2024

Total time taken to generate the page: 0.02673 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.5.
Copyright ©2001-2013 FUDforum Bulletin Board Software