On Thu, Dec 04, 2008 at 01:36:39PM +0100, Joerg Sonnenberger wrote:
Have you thought about how other protocols can be integrated with this?
No, except that I've deliberately made the User/Password dialog generic so that any other code can reuse it with a different callback. Other than that I think that all of my code is entirely specific to HTTP Basic authentication. I can't see how other protocols could be integrated with it in any useful sense. But my opinion doesn't count for much since I know next to nothing about how those other protocols work!
Examples are: - TLS with client side authentication or verification for the server certificate
I have no idea how this works. Every time I try to study certificates and authentication my head starts spinning and I have to lie down. Does anyone know of some gentle introductions?
- non-anonymous FTP
The FTP DPI could check the output of wget. If wget complained that the FTP server needed authentication than it could pop up the user/password dialog with a callback that retries the wget. The download DPI would have to be modified to receive the user and password. (Or we could stuff them into the download URL, but that's insecure since the password would appear in the process listing.) We would have to extend the DPI API to let DPIs use the user/password dialog but that is straightforward (I already implemented it when I thought authentication was going to be a DPI). Regards, Jeremy Henty