Parent

Files

HTTPClient::SSPINegotiateAuth

Authentication filter for handling Negotiate/NTLM negotiation. Used in ProxyAuth.

SSPINegotiateAuth depends on ‘win32/sspi’ module.

Attributes

scheme[R]

Authentication scheme.

Public Class Methods

new() click to toggle source

Creates new SSPINegotiateAuth filter.

     # File lib/httpclient/auth.rb, line 463
463:     def initialize
464:       @challenge = {}
465:       @scheme = "Negotiate"
466:     end

Public Instance Methods

challenge(uri, param_str) click to toggle source

Challenge handler: remember URL and challenge token for response.

     # File lib/httpclient/auth.rb, line 505
505:     def challenge(uri, param_str)
506:       return false unless SSPIEnabled
507:       if param_str.nil? or @challenge[uri].nil?
508:         c = @challenge[uri] = {}
509:         c[:state] = :init
510:         c[:authenticator] = nil
511:         c[:authphrase] = ""
512:       else
513:         c = @challenge[uri]
514:         c[:state] = :response
515:         c[:authphrase] = param_str
516:       end
517:       true
518:     end
get(req) click to toggle source

Response handler: returns credential. See win32/sspi for negotiation state transition.

     # File lib/httpclient/auth.rb, line 483
483:     def get(req)
484:       return nil unless SSPIEnabled
485:       target_uri = req.header.request_uri
486:       domain_uri, param = @challenge.find { |uri, v|
487:         Util.uri_part_of(target_uri, uri)
488:       }
489:       return nil unless param
490:       state = param[:state]
491:       authenticator = param[:authenticator]
492:       authphrase = param[:authphrase]
493:       case state
494:       when :init
495:         authenticator = param[:authenticator] = Win32::SSPI::NegotiateAuth.new
496:         return authenticator.get_initial_token(@scheme)
497:       when :response
498:         @challenge.delete(domain_uri)
499:         return authenticator.complete_authentication(authphrase)
500:       end
501:       nil
502:     end
reset_challenge() click to toggle source

Resets challenge state. Do not send ’*Authorization’ header until the server sends ’*Authentication’ again.

     # File lib/httpclient/auth.rb, line 470
470:     def reset_challenge
471:       @challenge.clear
472:     end
set(uri, user, passwd) click to toggle source

Set authentication credential. NOT SUPPORTED: username and necessary data is retrieved by win32/sspi. See win32/sspi for more details.

     # File lib/httpclient/auth.rb, line 477
477:     def set(uri, user, passwd)
478:       # not supported
479:     end

Disabled; run with --debug to generate this.

[Validate]

Generated with the Darkfish Rdoc Generator 1.1.6.