fre 2011-12-16 klockan 22:09 +1300 skrev Amos Jeffries:
> As Henrik mentioned a few days ago the NTLM and Negotiate auth logics
> are pretty much cut-n-paste copies of each other with a bit of symbol
> renaming and a slight difference in bugs. The more I abstract the
> objects back to a single core auth library with inherited
> scheme-specific objects, the more this becomes visible.
Hmm.. wonder what happened with kerberos? Which btw should be identical
to negotiate except for scheme name.
NTLM = Microsoft NTLMSSP
Kerberos = GSSAPI
Negotiate = Microsoft SPNEGO
SPNEGO is a thin wrapper negotiating the actual auth method. I.e.
normally GSSAPI or NTLM, but also open for additional methods.
> I've been wondering whether it would be a good idea to make these two
> components libraries inherit from each other one way or another instead
> of independently from the abstracted auth core objects.
Yes, abstracting the stateful auth scheme would be beneficial. NTLM and
Negotiate/Kerberos only differ slightly in one of the helper commands.
Regards
Henrik
Received on Fri Dec 16 2011 - 14:43:02 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 16 2011 - 12:00:10 MST