Merge pull request #223 from deepak1556/iwa_patch
flags to control iwa enabled server whitelist
This commit is contained in:
commit
b41d9fd6c0
2 changed files with 20 additions and 58 deletions
|
@ -92,34 +92,14 @@ const char kProxyPacUrl[] = "proxy-pac-url";
|
||||||
// Disable HTTP/2 and SPDY/3.1 protocols.
|
// Disable HTTP/2 and SPDY/3.1 protocols.
|
||||||
const char kDisableHttp2[] = "disable-http2";
|
const char kDisableHttp2[] = "disable-http2";
|
||||||
|
|
||||||
|
// Whitelist containing servers for which Integrated Authentication is enabled.
|
||||||
|
const char kAuthServerWhitelist[] = "auth-server-whitelist";
|
||||||
|
|
||||||
|
// Whitelist containing servers for which Kerberos delegation is allowed.
|
||||||
|
const char kAuthNegotiateDelegateWhitelist[] = "auth-negotiate-delegate-whitelist";
|
||||||
|
|
||||||
} // namespace
|
} // namespace
|
||||||
|
|
||||||
|
|
||||||
URLRequestContextGetter::DelegateURLSecurityManager::DelegateURLSecurityManager
|
|
||||||
(URLRequestContextGetter::Delegate* delegate) :
|
|
||||||
delegate_(delegate) {}
|
|
||||||
|
|
||||||
bool URLRequestContextGetter::DelegateURLSecurityManager::CanUseDefaultCredentials
|
|
||||||
(const GURL& auth_origin) const {
|
|
||||||
return delegate_->AllowNTLMCredentialsForDomain(auth_origin);
|
|
||||||
}
|
|
||||||
|
|
||||||
bool URLRequestContextGetter::DelegateURLSecurityManager::CanDelegate
|
|
||||||
(const GURL& auth_origin) const {
|
|
||||||
return delegate_->CanDelegateURLSecurity(auth_origin);
|
|
||||||
}
|
|
||||||
|
|
||||||
void URLRequestContextGetter::DelegateURLSecurityManager::SetDefaultWhitelist(
|
|
||||||
scoped_ptr<net::HttpAuthFilter> whitelist_default) {
|
|
||||||
}
|
|
||||||
|
|
||||||
void URLRequestContextGetter::DelegateURLSecurityManager::SetDelegateWhitelist(
|
|
||||||
scoped_ptr<net::HttpAuthFilter> whitelist_delegate) {
|
|
||||||
}
|
|
||||||
|
|
||||||
URLRequestContextGetter::Delegate::Delegate() :
|
|
||||||
orig_url_sec_mgr_(net::URLSecurityManager::Create()) {}
|
|
||||||
|
|
||||||
std::string URLRequestContextGetter::Delegate::GetUserAgent() {
|
std::string URLRequestContextGetter::Delegate::GetUserAgent() {
|
||||||
return base::EmptyString();
|
return base::EmptyString();
|
||||||
}
|
}
|
||||||
|
@ -174,15 +154,6 @@ net::SSLConfigService* URLRequestContextGetter::Delegate::CreateSSLConfigService
|
||||||
return new net::SSLConfigServiceDefaults;
|
return new net::SSLConfigServiceDefaults;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool URLRequestContextGetter::Delegate::AllowNTLMCredentialsForDomain(const GURL& auth_origin) {
|
|
||||||
return orig_url_sec_mgr_->CanUseDefaultCredentials(auth_origin);
|
|
||||||
}
|
|
||||||
|
|
||||||
bool URLRequestContextGetter::Delegate::CanDelegateURLSecurity(const GURL& auth_origin) {
|
|
||||||
return orig_url_sec_mgr_->CanDelegate(auth_origin);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
URLRequestContextGetter::URLRequestContextGetter(
|
URLRequestContextGetter::URLRequestContextGetter(
|
||||||
Delegate* delegate,
|
Delegate* delegate,
|
||||||
DevToolsNetworkControllerHandle* handle,
|
DevToolsNetworkControllerHandle* handle,
|
||||||
|
@ -317,6 +288,19 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
|
||||||
#else
|
#else
|
||||||
http_auth_preferences_.reset(new net::HttpAuthPreferences(schemes));
|
http_auth_preferences_.reset(new net::HttpAuthPreferences(schemes));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
// --auth-server-whitelist
|
||||||
|
if (command_line.HasSwitch(kAuthServerWhitelist)) {
|
||||||
|
http_auth_preferences_->set_server_whitelist(
|
||||||
|
command_line.GetSwitchValueASCII(kAuthServerWhitelist));
|
||||||
|
}
|
||||||
|
|
||||||
|
// --auth-negotiate-delegate-whitelist
|
||||||
|
if (command_line.HasSwitch(kAuthNegotiateDelegateWhitelist)) {
|
||||||
|
http_auth_preferences_->set_delegate_whitelist(
|
||||||
|
command_line.GetSwitchValueASCII(kAuthNegotiateDelegateWhitelist));
|
||||||
|
}
|
||||||
|
|
||||||
auto auth_handler_factory =
|
auto auth_handler_factory =
|
||||||
net::HttpAuthHandlerRegistryFactory::Create(
|
net::HttpAuthHandlerRegistryFactory::Create(
|
||||||
http_auth_preferences_.get(), host_resolver.get());
|
http_auth_preferences_.get(), host_resolver.get());
|
||||||
|
|
|
@ -35,7 +35,7 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
|
||||||
public:
|
public:
|
||||||
class Delegate {
|
class Delegate {
|
||||||
public:
|
public:
|
||||||
Delegate();
|
Delegate() {}
|
||||||
virtual ~Delegate() {}
|
virtual ~Delegate() {}
|
||||||
|
|
||||||
virtual net::NetworkDelegate* CreateNetworkDelegate() { return NULL; }
|
virtual net::NetworkDelegate* CreateNetworkDelegate() { return NULL; }
|
||||||
|
@ -47,28 +47,6 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
|
||||||
const base::FilePath& base_path);
|
const base::FilePath& base_path);
|
||||||
virtual scoped_ptr<net::CertVerifier> CreateCertVerifier();
|
virtual scoped_ptr<net::CertVerifier> CreateCertVerifier();
|
||||||
virtual net::SSLConfigService* CreateSSLConfigService();
|
virtual net::SSLConfigService* CreateSSLConfigService();
|
||||||
virtual bool AllowNTLMCredentialsForDomain(const GURL& auth_origin);
|
|
||||||
virtual bool CanDelegateURLSecurity(const GURL& auth_origin);
|
|
||||||
|
|
||||||
private:
|
|
||||||
scoped_ptr<net::URLSecurityManager> orig_url_sec_mgr_;
|
|
||||||
};
|
|
||||||
|
|
||||||
class DelegateURLSecurityManager : public net::URLSecurityManager {
|
|
||||||
public:
|
|
||||||
DelegateURLSecurityManager(URLRequestContextGetter::Delegate* delegate);
|
|
||||||
|
|
||||||
bool CanUseDefaultCredentials(const GURL& auth_origin) const override;
|
|
||||||
bool CanDelegate(const GURL& auth_origin) const override;
|
|
||||||
void SetDefaultWhitelist(
|
|
||||||
scoped_ptr<net::HttpAuthFilter> whitelist_default) override;
|
|
||||||
void SetDelegateWhitelist(
|
|
||||||
scoped_ptr<net::HttpAuthFilter> whitelist_delegate) override;
|
|
||||||
|
|
||||||
private:
|
|
||||||
URLRequestContextGetter::Delegate* delegate_;
|
|
||||||
|
|
||||||
DISALLOW_COPY_AND_ASSIGN(DelegateURLSecurityManager);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
URLRequestContextGetter(
|
URLRequestContextGetter(
|
||||||
|
|
Loading…
Reference in a new issue