Scrive Arno Garrels <arno.garr...@gmx.de>: > Hi All,
Hi Arno, > I just finished an implementation of Digest Access Authentication > in the THttpCli. Well done :-) > Digest authentication requires at least one server challenge per > protection space (realm). This is similar to basic authentication > which may use a realm as challenge (currently not supported by basic > in both THttpCli and THttpServer). The last sentence is not clear to me, can you explain? > Once a client is authenticated it MAY preemptively send the > corresponding Authorization header with requests for resources in > that protection space without receipt of another challenge from the > server. This is currently not implemented in the THttpCli so always > two requests are required with authentication which is horribly slow! I agree. > I doubt that the THttpCli itself should handle those 'preemptive > Authorization headers' instead it should provide some option which > makes it possible/easy to lookup, create send those 'preemptive > Authorization headers' at the application level or maybe in derived > classes. Currently there is IMO no such option, the 401 and 407 error > codes are handled silently internally. A agree to this too. > Any thoughts and suggestions? I already made a similar change. I have a modified version of THttpCli where I changed how the authentication is handled, so it is very easy to add a new one, and without touching the THttpCli class. As support I added an event so the authentication can be handled by the application or by an inherited class. In fact I have a derived class that ask for user and password and cache these information so it will not ask again. All this is at least three year old and I think it can be considered stable. If you want I can send it to you. But keep in mind that after our recent discussion about the authentication problem with Tomcat I planned to revise it to avoid the double request. Bye, Maurizio. ---------------------------------------------------- This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
