| Index: net/http/http_auth_handler_negotiate.cc
|
| ===================================================================
|
| --- net/http/http_auth_handler_negotiate.cc (revision 57541)
|
| +++ net/http/http_auth_handler_negotiate.cc (working copy)
|
| @@ -90,6 +90,8 @@
|
| if (!AllowsDefaultCredentials())
|
| return false;
|
| #endif
|
| + if (CanDelegate())
|
| + auth_system_.Delegate();
|
| scheme_ = "negotiate";
|
| score_ = 4;
|
| properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED;
|
| @@ -113,6 +115,15 @@
|
| return url_security_manager_->CanUseDefaultCredentials(origin_);
|
| }
|
|
|
| +bool HttpAuthHandlerNegotiate::CanDelegate() const {
|
| + // TODO(cbentzel): Should delegation be allowed on proxies?
|
| + if (target_ == HttpAuth::AUTH_PROXY)
|
| + return false;
|
| + if (!url_security_manager_)
|
| + return false;
|
| + return url_security_manager_->CanDelegate(origin_);
|
| +}
|
| +
|
| std::wstring HttpAuthHandlerNegotiate::CreateSPN(
|
| const AddressList& address_list, const GURL& origin) {
|
| // Kerberos Web Server SPNs are in the form HTTP/<host>:<port> through SSPI,
|
|
|