Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(221)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_auth_gssapi_posix.h

Issue 8340026: Use AuthCredentials throughout the network stack instead of username/password. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Reduce password zapping Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/http/http_auth_controller.h ('K') | « net/http/http_auth_controller_unittest.cc ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | net/http/http_auth_handler.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 5 #ifndef NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 6 #define NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
7 #pragma once 7 #pragma once
8 8
9 #include <gssapi.h> 9 #include <gssapi.h>
10 10
11 #include <string> 11 #include <string>
12 12
13 #include "base/gtest_prod_util.h" 13 #include "base/gtest_prod_util.h"
14 #include "base/native_library.h" 14 #include "base/native_library.h"
15 #include "base/string16.h" 15 #include "base/string16.h"
asanka 2011/10/28 14:39:40 Not needed?
16 #include "net/base/net_export.h" 16 #include "net/base/net_export.h"
17 #include "net/http/http_auth.h" 17 #include "net/http/http_auth.h"
18 18
19 namespace net { 19 namespace net {
20 20
21 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_C_NT_HOSTBASED_SERVICE_X; 21 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_C_NT_HOSTBASED_SERVICE_X;
22 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_C_NT_HOSTBASED_SERVICE; 22 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_C_NT_HOSTBASED_SERVICE;
23 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_KRB5_MECH_OID_DESC; 23 NET_EXPORT_PRIVATE extern gss_OID CHROME_GSS_KRB5_MECH_OID_DESC;
24 24
25 // GSSAPILibrary is introduced so unit tests can mock the calls to the GSSAPI 25 // GSSAPILibrary is introduced so unit tests can mock the calls to the GSSAPI
(...skipping 214 matching lines...) Expand 10 before | Expand all | Expand 10 after
240 HttpAuth::ChallengeTokenizer* tok); 240 HttpAuth::ChallengeTokenizer* tok);
241 241
242 // Generates an authentication token. 242 // Generates an authentication token.
243 // The return value is an error code. If it's not |OK|, the value of 243 // The return value is an error code. If it's not |OK|, the value of
244 // |*auth_token| is unspecified. 244 // |*auth_token| is unspecified.
245 // |spn| is the Service Principal Name of the server that the token is 245 // |spn| is the Service Principal Name of the server that the token is
246 // being generated for. 246 // being generated for.
247 // If this is the first round of a multiple round scheme, credentials are 247 // If this is the first round of a multiple round scheme, credentials are
248 // obtained using |*username| and |*password|. If |username| and |password| 248 // obtained using |*username| and |*password|. If |username| and |password|
249 // are NULL, the default credentials are used instead. 249 // are NULL, the default credentials are used instead.
250 int GenerateAuthToken(const string16* username, 250 int GenerateAuthToken(const AuthCredentials* credentials,
251 const string16* password,
252 const std::wstring& spn, 251 const std::wstring& spn,
253 std::string* auth_token); 252 std::string* auth_token);
254 253
255 // Delegation is allowed on the Kerberos ticket. This allows certain servers 254 // Delegation is allowed on the Kerberos ticket. This allows certain servers
256 // to act as the user, such as an IIS server retrieiving data from a 255 // to act as the user, such as an IIS server retrieiving data from a
257 // Kerberized MSSQL server. 256 // Kerberized MSSQL server.
258 void Delegate(); 257 void Delegate();
259 258
260 private: 259 private:
261 int GetNextSecurityToken(const std::wstring& spn, 260 int GetNextSecurityToken(const std::wstring& spn,
262 gss_buffer_t in_token, 261 gss_buffer_t in_token,
263 gss_buffer_t out_token); 262 gss_buffer_t out_token);
264 263
265 std::string scheme_; 264 std::string scheme_;
266 gss_OID gss_oid_; 265 gss_OID gss_oid_;
267 GSSAPILibrary* library_; 266 GSSAPILibrary* library_;
268 std::string decoded_server_auth_token_; 267 std::string decoded_server_auth_token_;
269 ScopedSecurityContext scoped_sec_context_; 268 ScopedSecurityContext scoped_sec_context_;
270 bool can_delegate_; 269 bool can_delegate_;
271 }; 270 };
272 271
273 } // namespace net 272 } // namespace net
274 273
275 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_ 274 #endif // NET_HTTP_HTTP_AUTH_GSSAPI_POSIX_H_
OLDNEW
« net/http/http_auth_controller.h ('K') | « net/http/http_auth_controller_unittest.cc ('k') | net/http/http_auth_gssapi_posix.cc » ('j') | net/http/http_auth_handler.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698