Hi Mansur,

> For the present I have no clear idea how to smoothly integrate
> kerberos authentication into "http" function
> If there is no "Authorization: Negotiate ..." header in the
> http-request, then pil should answer with 401:
> ---
> (de http401 ()
>    (httpStat 401 "Unauthorized" "WWW-Authenticate: Negotiate") )
> ---
> If there is "Authorization: Negotiate..." header, pil calls helper
> library with base64 encoded blob from "Authorization" header.

The HTTP header is parsed in the function '_htHead', local to 'http'.

You could introduce a new global variable '*Authorization'. Insert it
into the third line of 'http'

      (off *Authorization *Post ...)

and put a new clause in the 'cond' of '_htHead' where the HTTP headers
are parsed

         ((match '(~(chop "Authorization: ") . @X) L)
            (setq *Authorization @X) )
         ((match '(~(chop "Host: ") . @X) L)
            (fifo 'Pil (cons '_htHost @X)) )

Then you can check the value of '*Authorization' in the application
whenever needed.

Does this help?

- Alex
UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe

Reply via email to