>>>>> Dominic Hargreaves <d...@earth.li> writes: >>>>> On Tue, Mar 01, 2011 at 01:36:55AM +0600, Ivan Shmakov wrote:
[…]
>> OTOH, given that the HTTP basic authentication is only a matter
>> of calling the LWP::UserAgent's ->credentials () method (as per
>> the documentation [1]), it doesn't seem like a big deal to have
>> it supported.
> I thought about forwarding this straight into the upstream
> bugtracker, but it might be worth you raising this on rt-users first.
> If it's simple as you suggest, and you have a desire for it, then it
> might be a case of arguing the point by submission of a suitable
> patch :)
ACK.
Actually, I've found that there's liblwp-authen-negotiate-perl,
which would've the problem solved for me, given that I run
Apache with mod_auth_kerb enabled anyway. Yet, that Perl module
assumes the “user's” way of authentication (kinit), not the one
that's apt for a service (keytab.)
Hence, I may consider patching liblwp-authen-negotiate-perl
instead to support krb5_get_init_creds_keytab (). (It'd still
be necessary to patch rt-mailgate to specify the principal to be
used, though.)
Still, having some common HTTP authentication schemes supported
may be a nice addition. (Though I'm not sure that anything else
looks as simple as calling ->credentials ().)
--
FSF associate member #7257
pgpCb0k7CiF60.pgp
Description: PGP signature
