Hi Matteo, > sorry I am replying to a digest, I hope the email get threaded correctly.
It seems okay with Outlook but I'm not viewing it in threaded view! However, could I please ask you to not Top Post as per the curl etiquette guide - Instead integrate your reply as follows: > Your explanation of the problem fits nicely with what I experienced. > I am going to ask to the sysadmin of the customer to remove/reorder > the proxy authentication protocols. > > However it is unlikely to happen. My experience is that this very rarely happens and you have to make your software flexible enough that it can be configured to work in the different customer's environments. > I quite do not get your second suggestion: I am currently using > PROXY-ANYAUTH because the software goes to different customers > and I cannot guess the right order of proxy for each customer. > - Is there a way to tell Libcurl which is the order of the authentication to use? Not as far as I am aware... This is something I want to implement for SMTP but I don't think any of the other protocols do this at present (Although I could be very wrong here!!). You can only tell libcurl what authentication mechanisms to use through curl_easy_setopt(CURLOPT_PROXYAUTH, CURLAUTH_NTLM) for example. The second parameter is a bitmask of the mechanisms you want to use but it could just as easy be a single mechanism - Unfortunately though this doesn't specify the order. I hope I have the correct syntax there as I am having difficulty accessing the curl website at the moment and can't verify this info for you :( If you have a config file / ini file / registry entry for your application I would recommend an entry that specifies the mechanism that you then pass onto libcurl through the above call to curl_easy_setopt(). > - Or maybe to test all the authentication before failing? Testing all of: > > Proxy-Authenticate: Negotiate > Proxy-Authenticate: Kerberos > Proxy-Authenticate: NTLM I don't believe this is currently possible but others on the list might be able to confirm it for you. I guess libcurl would have to: * Try GSS in this example * If that fails it would then move on and try the next supported mechanism (Kerberos in this example) * If that fails then it would move on and try NTLM * That would then succeed in your scenario so then libcurl would continue with the URL request If this is something you would like to try, I would suggest downloading the libcurl source code and start hacking ;-) Kind Regards Steve ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
