[webkit-gtk] libwebkit2gtk and NTLM authentication
toni at firstview.fi
Wed Oct 16 12:17:47 PDT 2013
2013/10/16 Brian Holt <brian.holt at samsung.com>
> > >> There can be found: "WEBKIT_AUTHENTICATION_SCHEME_NTLM = 5" from the
> > >> WebKitAuthenticationScheme.
> > >> However, I can't catch The "authenticate" -signal in case of NTLM.
> > It
> > >> seems to work fine at least with BASIC and DIGEST -authentications.
> > >
> > > According to libsoup API docs, NTLM authentication is not enabled by
> > > default and the feature should be added to the session explicitly. I
> > > don't think we are doing that in WebKit, so I guess we don't support
> > > NTLM authentication at the moment.
> > >
> > > Dan, is this right?
> > Yes. You need to do
> > soup_session_add_feature_by_type (session, SOUP_TYPE_NTLM_AUTH);
> > There are some arguments against enabling it by default; if you have
> > the client-side samba stuff installed, and are logged into a Windows
> > domain, then NTLM authentication can happen completely transparently
> > (ie, no "authenticate" signal, no password dialog) using the cached
> > credentials, and there are attacks against intranets that you could
> > make using that functionality if you could hijack someone's http
> > connection... so it's best to only have it get used when the app is
> > explicitly expecting it to be used (as in evolution).
> This is fine if you are building WebKit yourself and are happy to add the
> line deep inside WebCore (perhaps in ResourceHandleSoup.cpp
> createSoupSession()), unless there is some way to get hold of the soup
> session at the API level? Perhaps we should expose an API in
> WebKitWebContext that allows NTLM e.g.
> WEBKIT_API void
Thank you guys!
Works like a charm :-)
Added soup_session_add_feature_by_type(session, SOUP_TYPE_AUTH_NTLM); in
ResourceHandleSoup.cpp and recompiled libsoup with ntlm-auth.
This is fine for me until it is official provided by libwebkit.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the webkit-gtk