> For the present I have no clear idea how to smoothly integrate
> kerberos authentication into "http" function
> If there is no "Authorization: Negotiate ..." header in the
> http-request, then pil should answer with 401:
> (de http401 ()
> (httpStat 401 "Unauthorized" "WWW-Authenticate: Negotiate") )
> If there is "Authorization: Negotiate..." header, pil calls helper
> library with base64 encoded blob from "Authorization" header.
The HTTP header is parsed in the function '_htHead', local to 'http'.
You could introduce a new global variable '*Authorization'. Insert it
into the third line of 'http'
(off *Authorization *Post ...)
and put a new clause in the 'cond' of '_htHead' where the HTTP headers
((match '(~(chop "Authorization: ") . @X) L)
(setq *Authorization @X) )
((match '(~(chop "Host: ") . @X) L)
(fifo 'Pil (cons '_htHost @X)) )
Then you can check the value of '*Authorization' in the application
Does this help?