-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126991/#review92617
-----------------------------------------------------------
m_triedPasswords doesn't really tell the truth if the application didn't supply
a password, right? It is not really a number of tried passwords, it is the
state of a little state machine. In such cases, it is better to make it an
enum: enum TriedCredentials { NoCredentials = 0, JobCredentials,
CachedCredentials, UserInputCredentials };
... where the distinction of Cached and UserInput is currently unnecessary but
more consistent, a nice piece of self-documentation and might be helpful in the
future.
(Note: "credentials" is better than "passwords" because it's a combination of
username and password and i some special cases something different, like with
NTLM and Kerberos)
Additionally, it looks like m_triedPasswords will carry over failed attempts
from proxy authentication to web server authentication if both happen in the
same KIO get() job [which may produce several HTTP GETs]. I'm not completely
sure though because it's been a while since I worked on that code. Did you
consider the problem?
src/ioslaves/http/http.cpp (line 5445)
<https://git.reviewboard.kde.org/r/126991/#comment63136>
} else {
src/ioslaves/http/http.cpp (line 5476)
<https://git.reviewboard.kde.org/r/126991/#comment63135>
Please break this line, it's extremely long with the addition.
- Andreas Hartmetz
On Feb. 9, 2016, 9:53 p.m., Krzysztof Nowicki wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/126991/
> -----------------------------------------------------------
>
> (Updated Feb. 9, 2016, 9:53 p.m.)
>
>
> Review request for KDE Frameworks and Dawit Alemayehu.
>
>
> Repository: kio
>
>
> Description
> -------
>
> When authenticating agains a server offering multiple authentication methods
> make sure to attempt other methods in case the best one fails.
>
> This also fixes a connection close issue in the middle of an NTLM
> authentication dialog due to clearing the password.
>
>
> Diffs
> -----
>
> src/ioslaves/http/http.h 621b2c7a957b9bc9cc14ff13ed3c3a72dec38190
> src/ioslaves/http/http.cpp e1013c8705e6588729d61ed45c43dc564415c41e
>
> Diff: https://git.reviewboard.kde.org/r/126991/diff/
>
>
> Testing
> -------
>
> I have performed testing on an IIS 7.5 server which offered 3 authentication
> options: Negotiate, NTLM and Basic. Since I have Kerberos configured the
> original code would only try Negotiate and because it failed it would retry
> it endlessly. With this patch authentication correctly falls back to NTLM or
> Basic (if NTLM fails too).
>
>
> Thanks,
>
> Krzysztof Nowicki
>
>
_______________________________________________
Kde-frameworks-devel mailing list
Kde-frameworks-devel@kde.org
https://mail.kde.org/mailman/listinfo/kde-frameworks-devel
