setAuthIdentity()

Talk about add-ons and extension development.
Post Reply
lithopsian
Posts: 3664
Joined: September 15th, 2010, 9:03 am

setAuthIdentity()

Post by lithopsian »

That's nsIHttpAuthManager.setAuthIdentity(). Does anyone know how this is supposed to work, or even how it actually works?

In particular, what do the path and user domain parameters do? I know that the function generally adds http authorisation material to an internal cache so that it can be submitted with any matching http requests to satisfy authorisation requirements. I've got it to work and send Digest and Basic auth fields, but some of the parameters seem to work oddly.

The user domain doesn't seem to do anything. It makes no difference whether I leave it blank or full it in. It is optional, but what is it for? Is this a Windows domain?

The path does do something, but not what I would expect. From reading the spec it seems that the path parameter to setAuthIdentity() should restrict the authorisation data to that path and all subpaths, but it doesn't do this. It seems to make little difference except in one odd case. For digest auth, I don't see any difference whether it is specified or not and specifying it certainly doesn't restrict the authorisation data to that path. For basic auth, specifying anything, even a garbage string, means that the auth will work for any path at the given host. The wrinkle is when passing in a blank string - then the basic auth data is only supplied when triggered directly by a 401 response with a WWW-Authentication header. So each request to that host always receives a 401 response, followed by another request with the auth data. Surely it isn't supposed to work like that? If the auth cache has been populated automatically, for example with a "http://user:pass@host.com/loginPath" type request, it doesn't behave like that.
Post Reply