Merge pull request #223 from deepak1556/iwa_patch
flags to control iwa enabled server whitelist
This commit is contained in:
commit
b41d9fd6c0
2 changed files with 20 additions and 58 deletions
|
@ -92,34 +92,14 @@ const char kProxyPacUrl[] = "proxy-pac-url";
|
|||
// Disable HTTP/2 and SPDY/3.1 protocols.
|
||||
const char kDisableHttp2[] = "disable-http2";
|
||||
|
||||
// Whitelist containing servers for which Integrated Authentication is enabled.
|
||||
const char kAuthServerWhitelist[] = "auth-server-whitelist";
|
||||
|
||||
// Whitelist containing servers for which Kerberos delegation is allowed.
|
||||
const char kAuthNegotiateDelegateWhitelist[] = "auth-negotiate-delegate-whitelist";
|
||||
|
||||
} // namespace
|
||||
|
||||
|
||||
URLRequestContextGetter::DelegateURLSecurityManager::DelegateURLSecurityManager
|
||||
(URLRequestContextGetter::Delegate* delegate) :
|
||||
delegate_(delegate) {}
|
||||
|
||||
bool URLRequestContextGetter::DelegateURLSecurityManager::CanUseDefaultCredentials
|
||||
(const GURL& auth_origin) const {
|
||||
return delegate_->AllowNTLMCredentialsForDomain(auth_origin);
|
||||
}
|
||||
|
||||
bool URLRequestContextGetter::DelegateURLSecurityManager::CanDelegate
|
||||
(const GURL& auth_origin) const {
|
||||
return delegate_->CanDelegateURLSecurity(auth_origin);
|
||||
}
|
||||
|
||||
void URLRequestContextGetter::DelegateURLSecurityManager::SetDefaultWhitelist(
|
||||
scoped_ptr<net::HttpAuthFilter> whitelist_default) {
|
||||
}
|
||||
|
||||
void URLRequestContextGetter::DelegateURLSecurityManager::SetDelegateWhitelist(
|
||||
scoped_ptr<net::HttpAuthFilter> whitelist_delegate) {
|
||||
}
|
||||
|
||||
URLRequestContextGetter::Delegate::Delegate() :
|
||||
orig_url_sec_mgr_(net::URLSecurityManager::Create()) {}
|
||||
|
||||
std::string URLRequestContextGetter::Delegate::GetUserAgent() {
|
||||
return base::EmptyString();
|
||||
}
|
||||
|
@ -174,15 +154,6 @@ net::SSLConfigService* URLRequestContextGetter::Delegate::CreateSSLConfigService
|
|||
return new net::SSLConfigServiceDefaults;
|
||||
}
|
||||
|
||||
bool URLRequestContextGetter::Delegate::AllowNTLMCredentialsForDomain(const GURL& auth_origin) {
|
||||
return orig_url_sec_mgr_->CanUseDefaultCredentials(auth_origin);
|
||||
}
|
||||
|
||||
bool URLRequestContextGetter::Delegate::CanDelegateURLSecurity(const GURL& auth_origin) {
|
||||
return orig_url_sec_mgr_->CanDelegate(auth_origin);
|
||||
}
|
||||
|
||||
|
||||
URLRequestContextGetter::URLRequestContextGetter(
|
||||
Delegate* delegate,
|
||||
DevToolsNetworkControllerHandle* handle,
|
||||
|
@ -317,6 +288,19 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
|
|||
#else
|
||||
http_auth_preferences_.reset(new net::HttpAuthPreferences(schemes));
|
||||
#endif
|
||||
|
||||
// --auth-server-whitelist
|
||||
if (command_line.HasSwitch(kAuthServerWhitelist)) {
|
||||
http_auth_preferences_->set_server_whitelist(
|
||||
command_line.GetSwitchValueASCII(kAuthServerWhitelist));
|
||||
}
|
||||
|
||||
// --auth-negotiate-delegate-whitelist
|
||||
if (command_line.HasSwitch(kAuthNegotiateDelegateWhitelist)) {
|
||||
http_auth_preferences_->set_delegate_whitelist(
|
||||
command_line.GetSwitchValueASCII(kAuthNegotiateDelegateWhitelist));
|
||||
}
|
||||
|
||||
auto auth_handler_factory =
|
||||
net::HttpAuthHandlerRegistryFactory::Create(
|
||||
http_auth_preferences_.get(), host_resolver.get());
|
||||
|
|
|
@ -35,7 +35,7 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
|
|||
public:
|
||||
class Delegate {
|
||||
public:
|
||||
Delegate();
|
||||
Delegate() {}
|
||||
virtual ~Delegate() {}
|
||||
|
||||
virtual net::NetworkDelegate* CreateNetworkDelegate() { return NULL; }
|
||||
|
@ -47,28 +47,6 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
|
|||
const base::FilePath& base_path);
|
||||
virtual scoped_ptr<net::CertVerifier> CreateCertVerifier();
|
||||
virtual net::SSLConfigService* CreateSSLConfigService();
|
||||
virtual bool AllowNTLMCredentialsForDomain(const GURL& auth_origin);
|
||||
virtual bool CanDelegateURLSecurity(const GURL& auth_origin);
|
||||
|
||||
private:
|
||||
scoped_ptr<net::URLSecurityManager> orig_url_sec_mgr_;
|
||||
};
|
||||
|
||||
class DelegateURLSecurityManager : public net::URLSecurityManager {
|
||||
public:
|
||||
DelegateURLSecurityManager(URLRequestContextGetter::Delegate* delegate);
|
||||
|
||||
bool CanUseDefaultCredentials(const GURL& auth_origin) const override;
|
||||
bool CanDelegate(const GURL& auth_origin) const override;
|
||||
void SetDefaultWhitelist(
|
||||
scoped_ptr<net::HttpAuthFilter> whitelist_default) override;
|
||||
void SetDelegateWhitelist(
|
||||
scoped_ptr<net::HttpAuthFilter> whitelist_delegate) override;
|
||||
|
||||
private:
|
||||
URLRequestContextGetter::Delegate* delegate_;
|
||||
|
||||
DISALLOW_COPY_AND_ASSIGN(DelegateURLSecurityManager);
|
||||
};
|
||||
|
||||
URLRequestContextGetter(
|
||||
|
|
Loading…
Reference in a new issue