TL;DR Is there a way to force persistent authentication to be off? To put it another way, if I add this line:
neg_ctx->noauthpersist = true; here: https://github.com/curl/curl/blob/master/lib/http_negotiate.c#L140 It fixes my problems. Can I do that through the API somehow? Gory details: I'm using the multi interface with CURLOPT_HTTPAUTH set to CURLAUTH_ANY. My program starts a bunch of requests all at once against a server that doesn't support persistent auth so it challenges each request SPNEGO style. Unfortunately curl seems to assume persistent auth. After one successfully negotiation, it seems to interpret the next SPNEGO challenge as a 401 error instead of a hint to retry with an auth header as it should. After that error it no longer thinks it's authenticated so the next request's challenge works. And so on. The result is that 50% of all the requests fail with a 401 and 50% properly retry SPNEGO style. That probably indicates a curl bug but in my case I know I don't want persistent authentication anyway. So I'd like to just turn it off. Is there a way to do that? Thanks for the help, Whitney
------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
