Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(54)

Side by Side Diff: net/http/http_auth_gssapi_posix.h

Issue 3155046: Add support for delegated Kerberos tickets during Negotiate authentication. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 10 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/http/http_auth_filter_unittest.cc ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
7 #pragma once 7 #pragma once
8 8
9 #include <string> 9 #include <string>
10 10
(...skipping 222 matching lines...) Expand 10 before | Expand all | Expand 10 after
233 // |spn| is the Service Principal Name of the server that the token is 233 // |spn| is the Service Principal Name of the server that the token is
234 // being generated for. 234 // being generated for.
235 // If this is the first round of a multiple round scheme, credentials are 235 // If this is the first round of a multiple round scheme, credentials are
236 // obtained using |*username| and |*password|. If |username| and |password| 236 // obtained using |*username| and |*password|. If |username| and |password|
237 // are NULL, the default credentials are used instead. 237 // are NULL, the default credentials are used instead.
238 int GenerateAuthToken(const string16* username, 238 int GenerateAuthToken(const string16* username,
239 const string16* password, 239 const string16* password,
240 const std::wstring& spn, 240 const std::wstring& spn,
241 std::string* auth_token); 241 std::string* auth_token);
242 242
243 // Delegation is allowed on the Kerberos ticket. This allows certain servers
244 // to act as the user, such as an IIS server retrieiving data from a
245 // Kerberized MSSQL server.
246 void Delegate();
247
243 private: 248 private:
244 int OnFirstRound(const string16* username, 249 int OnFirstRound(const string16* username,
245 const string16* password); 250 const string16* password);
246 int GetNextSecurityToken(const std::wstring& spn, 251 int GetNextSecurityToken(const std::wstring& spn,
247 gss_buffer_t in_token, 252 gss_buffer_t in_token,
248 gss_buffer_t out_token); 253 gss_buffer_t out_token);
249 254
250 std::string scheme_; 255 std::string scheme_;
251 string16 username_; 256 string16 username_;
252 string16 password_; 257 string16 password_;
253 gss_OID gss_oid_; 258 gss_OID gss_oid_;
254 GSSAPILibrary* library_; 259 GSSAPILibrary* library_;
255 std::string decoded_server_auth_token_; 260 std::string decoded_server_auth_token_;
256 ScopedSecurityContext scoped_sec_context_; 261 ScopedSecurityContext scoped_sec_context_;
262 bool can_delegate_;
257 }; 263 };
258 264
259 } // namespace net 265 } // namespace net
260 266
261 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 267 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
OLDNEW
« no previous file with comments | « net/http/http_auth_filter_unittest.cc ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698