Revert 65535 - Group Policy support for HTTP authentication

BUG=53625
TEST=ConfigurationPolicyPrefStore*

Review URL: http://codereview.chromium.org/3517018
Patch from Jakob Kummerow <jkummerow@google.com>.

TBR=danno@chromium.org
Review URL: http://codereview.chromium.org/4643004

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@65537 0039d316-1c4b-4281-b951-d872f2087c98

14 files changed, 30 insertions, 245 deletions

diff --git a/chrome/app/policy/policy_templates.grd b/chrome/app/policy/policy_templates.grd
index 7f29a0a..b8cbb24 100644
--- a/chrome/app/policy/policy_templates.grd
+++ b/chrome/app/policy/policy_templates.grd
@@ -355,58 +355,6 @@ templates and will be translated for each locale. -->
       <ph name="PROXY_HELP_URL">$2<ex>http://www.chromium.org/developers/design-documents/network-settings#TOC-Command-line-options-for-proxy-sett</ex></ph>
     </message>
 
-    <!-- HTTP Authentication Policy messages -->
-    <message name="IDS_POLICY_HTTPAUTHENTICATION_CAPTION" desc="Caption of the 'HTTPAuthentication' policy group">
-      Policies for HTTP Authentication
-    </message>
-    <message name="IDS_POLICY_HTTPAUTHENTICATION_DESC" desc="Description of the 'HTTPAuthentication' policy group">
-      Policies related to integrated HTTP authentication.
-    </message>
-
-    <message name="IDS_POLICY_AUTHSCHEMES_CAPTION" desc="Caption of the 'supported auth schemes' policy.">
-      Supported authentication schemes
-    </message>
-    <message name="IDS_POLICY_AUTHSCHEMES_DESC" desc="Description of the 'supported auth schemes' policy.">
-      Specifies which HTTP Authentication schemes are supported by <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph>.
-
-      Possible values are 'basic', 'digest', 'ntlm' and 'negotiate'. Separate multiple values with commas.
-    </message>
-    <message name="IDS_POLICY_DISABLEAUTHNEGOTIATECNAMELOOKUP_CAPTION" desc="Caption of the 'disable auth negotiate CNAME lookup' policy.">
-      Disable CNAME lookup when negotiating Kerberos authentication
-    </message>
-    <message name="IDS_POLICY_DISABLEAUTHNEGOTIATECNAMELOOKUP_DESC" desc="Description of the 'disable auth negotiate CNAME lookup' policy.">
-      Specifies whether the generated Kerberos SPN is based on the canonical DNS name or the original name entered.
-
-      If you enable this setting, CNAME lookup will be skipped and the server name will be used as entered.
-
-      If you enable this setting, the canonical name of the server will be determined via CNAME lookup.
-    </message>
-    <message name="IDS_POLICY_ENABLEAUTHNEGOTIATEPORT_CAPTION" desc="Caption of the 'enable auth negotiate port' policy.">
-      Include non-standard port in Kerberos SPN
-    </message>
-    <message name="IDS_POLICY_ENABLEAUTHNEGOTIATEPORT_DESC" desc="Description of the 'enable auth negotiate port' policy.">
-      Specifies whether the generated Kerberos SPN should include a non-standard port.
-
-      If you enable this setting, and a non-standard port (i.e., a port other than 80 or 443) is entered, it will be included in the generated Kerberos SPN.
-
-      If you disable this setting, the generated Kerberos SPN will not include a port in any case.
-    </message>
-    <message name="IDS_POLICY_AUTHSERVERWHITELIST_CAPTION" desc="Caption of the 'auth server whitelist' policy.">
-      Authentication server whitelist
-    </message>
-    <message name="IDS_POLICY_AUTHSERVERWHITELIST_DESC" desc="Description of the 'auth server whitelist' policy.">
-      Specifies which servers should be whitelisted for integrated authentication. Integrated authentication is only enabled when <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> receives an authentication challenge from a proxy or from a server which is in this permitted list.
-
-      Separate multiple server names with commas. Wildcards (*) are allowed.
-    </message>
-    <message name="IDS_POLICY_AUTHNEGOTIATEDELEGATEWHITELIST_CAPTION" desc="Caption of the 'auth negotiate delegate whitelist' policy.">
-      Kerberos delegation server whitelist
-    </message>
-    <message name="IDS_POLICY_AUTHNEGOTIATEDELEGATEWHITELIST_DESC" desc="Description of the 'auth negotiate delegate whitelist' policy.">
-      Servers that <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> may delegate to.
-    </message>
-    <!-- End HTTP Authentication Policy messages -->
-
     <message name="IDS_POLICY_METRICSREPORTINGENABLED_CAPTION" desc="Caption of the 'crash reporting' policy.">
       Enable reporting of usage and crash-related data
     </message>
diff --git a/chrome/app/policy/policy_templates.json b/chrome/app/policy/policy_templates.json
index fa31823..3f3bd47 100644
--- a/chrome/app/policy/policy_templates.json
+++ b/chrome/app/policy/policy_templates.json
@@ -305,62 +305,6 @@
       ]
     },
     {
-      'name': 'HTTPAuthentication',
-      'type': 'group',
-      'policies': [
-        {
-          'name': 'AuthSchemes',
-          'type': 'string',
-          'annotations': {
-            'platforms': ['linux', 'mac', 'win'],
-            'products': ['chrome'],
-            'features': {'dynamic_refresh': 0},
-            'example_value': 'basic,digest,ntlm,negotiate',
-          }
-        },
-        {
-          'name': 'DisableAuthNegotiateCnameLookup',
-          'type': 'main',
-          'annotations': {
-            'platforms': ['linux', 'mac', 'win'],
-            'products': ['chrome'],
-            'features': {'dynamic_refresh': 0},
-            'example_value': False,
-          }
-        },
-        {
-          'name': 'EnableAuthNegotiatePort',
-          'type': 'main',
-          'annotations': {
-            'platforms': ['linux', 'mac', 'win'],
-            'products': ['chrome'],
-            'features': {'dynamic_refresh': 0},
-            'example_value': False,
-          }
-        },
-        {
-          'name': 'AuthServerWhitelist',
-          'type': 'string',
-          'annotations': {
-            'platforms': ['linux', 'mac', 'win'],
-            'products': ['chrome'],
-            'features': {'dynamic_refresh': 0},
-            'example_value': '*example.com,foobar.com,*baz',
-          }
-        },
-        {
-          'name': 'AuthNegotiateDelegateWhitelist',
-          'type': 'string',
-          'annotations': {
-            'platforms': ['linux', 'mac', 'win'],
-            'products': ['chrome'],
-            'features': {'dynamic_refresh': 0},
-            'example_value': 'foobar.example.com',
-          }
-        },
-      ]
-    },
-    {
       'name': 'Extensions',
       'type': 'group',
       'policies': [{
diff --git a/chrome/browser/browser_process_impl.cc b/chrome/browser/browser_process_impl.cc
index 4adfd54..6c384d8 100644
--- a/chrome/browser/browser_process_impl.cc
+++ b/chrome/browser/browser_process_impl.cc
@@ -555,7 +555,7 @@ void BrowserProcessImpl::CreateIOThread() {
   background_x11_thread_.swap(background_x11_thread);
 #endif
 
-  scoped_ptr<IOThread> thread(new IOThread(local_state()));
+  scoped_ptr<IOThread> thread(new IOThread);
   base::Thread::Options options;
   options.message_loop_type = MessageLoop::TYPE_IO;
   if (!thread->StartWithOptions(options))
diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc
index 9b7f718..b12b7f0 100644
--- a/chrome/browser/io_thread.cc
+++ b/chrome/browser/io_thread.cc
@@ -4,8 +4,6 @@
 
 #include "chrome/browser/io_thread.h"
 
-#include <vector>
-
 #include "base/command_line.h"
 #include "base/debug/leak_tracker.h"
 #include "base/logging.h"
@@ -23,11 +21,9 @@
 #include "chrome/browser/net/connect_interceptor.h"
 #include "chrome/browser/net/passive_log_collector.h"
 #include "chrome/browser/net/predictor_api.h"
-#include "chrome/browser/prefs/pref_service.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/net/raw_host_resolver_proc.h"
 #include "chrome/common/net/url_fetcher.h"
-#include "chrome/common/pref_names.h"
 #include "net/base/dnsrr_resolver.h"
 #include "net/base/host_cache.h"
 #include "net/base/host_resolver.h"
@@ -211,25 +207,11 @@ IOThread::Globals::Globals() {}
 
 IOThread::Globals::~Globals() {}
 
-// |local_state| is passed in explicitly in order to (1) reduce implicit
-// dependencies and (2) make IOThread more flexible for testing.
-IOThread::IOThread(PrefService* local_state)
+IOThread::IOThread()
     : BrowserProcessSubThread(BrowserThread::IO),
       globals_(NULL),
       speculative_interceptor_(NULL),
-      predictor_(NULL) {
-  // We call RegisterPrefs() here (instead of inside browser_prefs.cc) to make
-  // sure that everything is initialized in the right order.
-  RegisterPrefs(local_state);
-  auth_schemes_ = local_state->GetString(prefs::kAuthSchemes);
-  negotiate_disable_cname_lookup_ = local_state->GetBoolean(
-      prefs::kDisableAuthNegotiateCnameLookup);
-  negotiate_enable_port_ = local_state->GetBoolean(
-      prefs::kEnableAuthNegotiatePort);
-  auth_server_whitelist_ = local_state->GetString(prefs::kAuthServerWhitelist);
-  auth_delegate_whitelist_ = local_state->GetString(
-      prefs::kAuthNegotiateDelegateWhitelist);
-}
+      predictor_(NULL) {}
 
 IOThread::~IOThread() {
   // We cannot rely on our base class to stop the thread since we want our
@@ -419,36 +401,41 @@ void IOThread::CleanUpAfterMessageLoopDestruction() {
   base::debug::LeakTracker<URLRequest>::CheckForLeaks();
 }
 
-// static
-void IOThread::RegisterPrefs(PrefService* local_state) {
-  local_state->RegisterStringPref(prefs::kAuthSchemes,
-                                  "basic,digest,ntlm,negotiate");
-  local_state->RegisterBooleanPref(prefs::kDisableAuthNegotiateCnameLookup,
-                                   false);
-  local_state->RegisterBooleanPref(prefs::kEnableAuthNegotiatePort, false);
-  local_state->RegisterStringPref(prefs::kAuthServerWhitelist, "");
-  local_state->RegisterStringPref(prefs::kAuthNegotiateDelegateWhitelist, "");
-}
-
 net::HttpAuthHandlerFactory* IOThread::CreateDefaultAuthHandlerFactory(
     net::HostResolver* resolver) {
+  const CommandLine& command_line = *CommandLine::ForCurrentProcess();
 
-  net::HttpAuthFilterWhitelist* auth_filter_default_credentials =
-      new net::HttpAuthFilterWhitelist(auth_server_whitelist_);
-  net::HttpAuthFilterWhitelist* auth_filter_delegate =
-      new net::HttpAuthFilterWhitelist(auth_delegate_whitelist_);
+  // Get the whitelist information from the command line, create an
+  // HttpAuthFilterWhitelist, and attach it to the HttpAuthHandlerFactory.
+  net::HttpAuthFilterWhitelist* auth_filter_default_credentials = NULL;
+  if (command_line.HasSwitch(switches::kAuthServerWhitelist)) {
+    auth_filter_default_credentials = new net::HttpAuthFilterWhitelist(
+        command_line.GetSwitchValueASCII(switches::kAuthServerWhitelist));
+  }
+  net::HttpAuthFilterWhitelist* auth_filter_delegate = NULL;
+  if (command_line.HasSwitch(switches::kAuthNegotiateDelegateWhitelist)) {
+    auth_filter_delegate = new net::HttpAuthFilterWhitelist(
+        command_line.GetSwitchValueASCII(
+            switches::kAuthNegotiateDelegateWhitelist));
+  }
   globals_->url_security_manager.reset(
       net::URLSecurityManager::Create(auth_filter_default_credentials,
                                       auth_filter_delegate));
+
+  // Determine which schemes are supported.
+  std::string csv_auth_schemes = "basic,digest,ntlm,negotiate";
+  if (command_line.HasSwitch(switches::kAuthSchemes))
+    csv_auth_schemes = StringToLowerASCII(
+        command_line.GetSwitchValueASCII(switches::kAuthSchemes));
   std::vector<std::string> supported_schemes;
-  base::SplitString(auth_schemes_, ',', &supported_schemes);
+  base::SplitString(csv_auth_schemes, ',', &supported_schemes);
 
   return net::HttpAuthHandlerRegistryFactory::Create(
       supported_schemes,
       globals_->url_security_manager.get(),
       resolver,
-      negotiate_disable_cname_lookup_,
-      negotiate_enable_port_);
+      command_line.HasSwitch(switches::kDisableAuthNegotiateCnameLookup),
+      command_line.HasSwitch(switches::kEnableAuthNegotiatePort));
 }
 
 void IOThread::InitNetworkPredictorOnIOThread(
diff --git a/chrome/browser/io_thread.h b/chrome/browser/io_thread.h
index 4bc63cda..99cb281 100644
--- a/chrome/browser/io_thread.h
+++ b/chrome/browser/io_thread.h
@@ -8,7 +8,6 @@
 
 #include <list>
 #include <set>
-#include <string>
 #include "base/basictypes.h"
 #include "base/ref_counted.h"
 #include "base/scoped_ptr.h"
@@ -20,7 +19,6 @@
 class ChromeNetLog;
 class ChromeURLRequestContextGetter;
 class ListValue;
-class PrefService;
 class URLRequestContext;
 
 namespace chrome_browser_net {
@@ -50,7 +48,7 @@ class IOThread : public BrowserProcessSubThread {
     ChromeNetworkDelegate network_delegate;
   };
 
-  explicit IOThread(PrefService* local_state);
+  IOThread();
 
   virtual ~IOThread();
 
@@ -104,8 +102,6 @@ class IOThread : public BrowserProcessSubThread {
   class ManagedProxyScriptFetcher;
   typedef std::set<ManagedProxyScriptFetcher*> ProxyScriptFetchers;
 
-  static void RegisterPrefs(PrefService* local_state);
-
   net::HttpAuthHandlerFactory* CreateDefaultAuthHandlerFactory(
       net::HostResolver* resolver);
 
@@ -138,13 +134,6 @@ class IOThread : public BrowserProcessSubThread {
   // Observer that logs network changes to the ChromeNetLog.
   scoped_ptr<net::NetworkChangeNotifier::Observer> network_change_observer_;
 
-  // Store HTTP Auth-related policies in this thread.
-  std::string auth_schemes_;
-  bool negotiate_disable_cname_lookup_;
-  bool negotiate_enable_port_;
-  std::string auth_server_whitelist_;
-  std::string auth_delegate_whitelist_;
-
   // These member variables are initialized by a task posted to the IO thread,
   // which gets posted by calling certain member functions of IOThread.
 
diff --git a/chrome/browser/net/connection_tester_unittest.cc b/chrome/browser/net/connection_tester_unittest.cc
index af505d8..4191484 100644
--- a/chrome/browser/net/connection_tester_unittest.cc
+++ b/chrome/browser/net/connection_tester_unittest.cc
@@ -5,7 +5,6 @@
 #include "chrome/browser/net/connection_tester.h"
 
 #include "chrome/browser/io_thread.h"
-#include "chrome/test/testing_pref_service.h"
 #include "net/base/mock_host_resolver.h"
 #include "net/test/test_server.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -76,8 +75,7 @@ class ConnectionTesterTest : public PlatformTest {
   ConnectionTesterTest()
       : test_server_(net::TestServer::TYPE_HTTP,
             FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))),
-        message_loop_(MessageLoop::TYPE_IO),
-        io_thread_(new TestingPrefService()) {
+        message_loop_(MessageLoop::TYPE_IO) {
     scoped_refptr<net::RuleBasedHostResolverProc> catchall_resolver(
         new net::RuleBasedHostResolverProc(NULL));
 
diff --git a/chrome/browser/policy/configuration_policy_pref_store.cc b/chrome/browser/policy/configuration_policy_pref_store.cc
index 3d73182..5b46c56 100644
--- a/chrome/browser/policy/configuration_policy_pref_store.cc
+++ b/chrome/browser/policy/configuration_policy_pref_store.cc
@@ -155,16 +155,6 @@ const ConfigurationPolicyPrefStore::PolicyToPreferenceMapEntry
     prefs::kDevToolsDisabled },
   { Value::TYPE_BOOLEAN, kPolicyBlockThirdPartyCookies,
     prefs::kBlockThirdPartyCookies},
-  { Value::TYPE_STRING, kPolicyAuthSchemes,
-    prefs::kAuthSchemes },
-  { Value::TYPE_BOOLEAN, kPolicyDisableAuthNegotiateCnameLookup,
-    prefs::kDisableAuthNegotiateCnameLookup },
-  { Value::TYPE_BOOLEAN, kPolicyEnableAuthNegotiatePort,
-    prefs::kEnableAuthNegotiatePort },
-  { Value::TYPE_STRING, kPolicyAuthServerWhitelist,
-    prefs::kAuthServerWhitelist },
-  { Value::TYPE_STRING, kPolicyAuthNegotiateDelegateWhitelist,
-    prefs::kAuthNegotiateDelegateWhitelist },
 
 #if defined(OS_CHROMEOS)
   { Value::TYPE_BOOLEAN, kPolicyChromeOsLockOnIdleSuspend,
@@ -260,15 +250,6 @@ ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList() {
       key::kDeveloperToolsDisabled },
     { kPolicyBlockThirdPartyCookies, Value::TYPE_BOOLEAN,
       key::kBlockThirdPartyCookies },
-    { kPolicyAuthSchemes, Value::TYPE_STRING, key::kAuthSchemes },
-    { kPolicyDisableAuthNegotiateCnameLookup, Value::TYPE_BOOLEAN,
-      key::kDisableAuthNegotiateCnameLookup },
-    { kPolicyEnableAuthNegotiatePort, Value::TYPE_BOOLEAN,
-      key::kEnableAuthNegotiatePort },
-    { kPolicyAuthServerWhitelist, Value::TYPE_STRING,
-      key::kAuthServerWhitelist },
-    { kPolicyAuthNegotiateDelegateWhitelist, Value::TYPE_STRING,
-      key::kAuthNegotiateDelegateWhitelist },
 
 #if defined(OS_CHROMEOS)
     { kPolicyChromeOsLockOnIdleSuspend, Value::TYPE_BOOLEAN,
diff --git a/chrome/browser/policy/configuration_policy_pref_store_unittest.cc b/chrome/browser/policy/configuration_policy_pref_store_unittest.cc
index 1940b73..0809c00 100644
--- a/chrome/browser/policy/configuration_policy_pref_store_unittest.cc
+++ b/chrome/browser/policy/configuration_policy_pref_store_unittest.cc
@@ -106,15 +106,7 @@ INSTANTIATE_TEST_CASE_P(
         TypeAndName(kPolicyProxyBypassList,
                     prefs::kProxyBypassList),
         TypeAndName(kPolicyApplicationLocale,
-                    prefs::kApplicationLocale),
-        TypeAndName(kPolicyApplicationLocale,
-                    prefs::kApplicationLocale),
-        TypeAndName(kPolicyAuthSchemes,
-                    prefs::kAuthSchemes),
-        TypeAndName(kPolicyAuthServerWhitelist,
-                    prefs::kAuthServerWhitelist),
-        TypeAndName(kPolicyAuthNegotiateDelegateWhitelist,
-                    prefs::kAuthNegotiateDelegateWhitelist)));
+                    prefs::kApplicationLocale)));
 
 // Test cases for boolean-valued policy settings.
 class ConfigurationPolicyPrefStoreBooleanTest
@@ -169,13 +161,7 @@ INSTANTIATE_TEST_CASE_P(
         TypeAndName(kPolicyJavascriptEnabled,
                     prefs::kWebKitJavascriptEnabled),
         TypeAndName(kPolicySavingBrowserHistoryDisabled,
-                    prefs::kSavingBrowserHistoryDisabled),
-        TypeAndName(kPolicySavingBrowserHistoryDisabled,
-                    prefs::kSavingBrowserHistoryDisabled),
-        TypeAndName(kPolicyDisableAuthNegotiateCnameLookup,
-                    prefs::kDisableAuthNegotiateCnameLookup),
-        TypeAndName(kPolicyEnableAuthNegotiatePort,
-                    prefs::kEnableAuthNegotiatePort)));
+                    prefs::kSavingBrowserHistoryDisabled)));
 
 #if defined(OS_CHROMEOS)
 INSTANTIATE_TEST_CASE_P(
diff --git a/chrome/browser/policy/configuration_policy_store_interface.h b/chrome/browser/policy/configuration_policy_store_interface.h
index cd28771..7bdcf74 100644
--- a/chrome/browser/policy/configuration_policy_store_interface.h
+++ b/chrome/browser/policy/configuration_policy_store_interface.h
@@ -53,12 +53,6 @@ enum ConfigurationPolicyType {
   kPolicyBlockThirdPartyCookies,
   kPolicyExtensionInstallForceList,
   kPolicyChromeOsLockOnIdleSuspend,
-  kPolicyAuthSchemes,
-  kPolicyDisableAuthNegotiateCnameLookup,
-  kPolicyEnableAuthNegotiatePort,
-  kPolicyAuthServerWhitelist,
-  kPolicyAuthNegotiateDelegateWhitelist,
-
 };
 
 static const int kPolicyNoProxyServerMode = 0;
diff --git a/chrome/browser/prefs/command_line_pref_store.cc b/chrome/browser/prefs/command_line_pref_store.cc
index f5c146d..5a9a7eb 100644
--- a/chrome/browser/prefs/command_line_pref_store.cc
+++ b/chrome/browser/prefs/command_line_pref_store.cc
@@ -16,20 +16,12 @@ const CommandLinePrefStore::StringSwitchToPreferenceMapEntry
       { switches::kProxyServer, prefs::kProxyServer },
       { switches::kProxyPacUrl, prefs::kProxyPacUrl },
       { switches::kProxyBypassList, prefs::kProxyBypassList },
-      { switches::kAuthSchemes, prefs::kAuthSchemes },
-      { switches::kAuthServerWhitelist, prefs::kAuthServerWhitelist },
-      { switches::kAuthNegotiateDelegateWhitelist,
-          prefs::kAuthNegotiateDelegateWhitelist },
 };
 
 const CommandLinePrefStore::BooleanSwitchToPreferenceMapEntry
     CommandLinePrefStore::boolean_switch_map_[] = {
       { switches::kNoProxyServer, prefs::kNoProxyServer, true },
       { switches::kProxyAutoDetect, prefs::kProxyAutoDetect, true },
-      { switches::kDisableAuthNegotiateCnameLookup,
-          prefs::kDisableAuthNegotiateCnameLookup, true },
-      { switches::kEnableAuthNegotiatePort, prefs::kEnableAuthNegotiatePort,
-          true },
 };
 
 CommandLinePrefStore::CommandLinePrefStore(const CommandLine* command_line)
diff --git a/chrome/common/policy_constants.cc b/chrome/common/policy_constants.cc
index 5eb5998..f56f2b2 100644
--- a/chrome/common/policy_constants.cc
+++ b/chrome/common/policy_constants.cc
@@ -57,12 +57,6 @@ const char kJavascriptEnabled[] = "JavascriptEnabled";
 const char kSavingBrowserHistoryDisabled[] = "SavingBrowserHistoryDisabled";
 const char kDeveloperToolsDisabled[] = "DeveloperToolsDisabled";
 const char kBlockThirdPartyCookies[] = "BlockThirdPartyCookies";
-const char kAuthSchemes[] = "AuthSchemes";
-const char kDisableAuthNegotiateCnameLookup[] =
-    "DisableAuthNegotiateCnameLookup";
-const char kEnableAuthNegotiatePort[] = "EnableAuthNegotiatePort";
-const char kAuthServerWhitelist[] = "AuthServerWhitelist";
-const char kAuthNegotiateDelegateWhitelist[] = "AuthNegotiateDelegateWhitelist";
 
 // Chrome Frame specific policy constants
 const char kChromeFrameRendererSettings[] = "ChromeFrameRendererSettings";
diff --git a/chrome/common/policy_constants.h b/chrome/common/policy_constants.h
index e0244e0..1bff710 100644
--- a/chrome/common/policy_constants.h
+++ b/chrome/common/policy_constants.h
@@ -54,11 +54,6 @@ extern const char kJavascriptEnabled[];
 extern const char kSavingBrowserHistoryDisabled[];
 extern const char kDeveloperToolsDisabled[];
 extern const char kBlockThirdPartyCookies[];
-extern const char kAuthSchemes[];
-extern const char kDisableAuthNegotiateCnameLookup[];
-extern const char kEnableAuthNegotiatePort[];
-extern const char kAuthServerWhitelist[];
-extern const char kAuthNegotiateDelegateWhitelist[];
 
 // Chrome Frame specific policy constants
 extern const char kChromeFrameRendererSettings[];
diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc
index d809dfd..9c91912 100644
--- a/chrome/common/pref_names.cc
+++ b/chrome/common/pref_names.cc
@@ -1025,23 +1025,6 @@ const char kRemotingHasSetupCompleted[] = "remoting.has_setup_completed";
 // launches.
 const char kRegisteredBackgroundContents[] = "background_contents.registered";
 
-// String that lists supported HTTP authentication schemes.
-const char kAuthSchemes[] = "auth.schemes";
-
-// Boolean that specifies whether to disable CNAME lookups when generating
-// Kerberos SPN.
-const char kDisableAuthNegotiateCnameLookup[] =
-    "auth.disable_negotiate_cname_lookup";
-// Boolean that specifies whether to include the port in a generated Kerberos
-// SPN.
-const char kEnableAuthNegotiatePort[] = "auth.enable_negotiate_port";
-// Whitelist containing servers for which Integrated Authentication is enabled.
-const char kAuthServerWhitelist[] = "auth.server_whitelist";
-// Whitelist containing servers Chrome is allowed to do Kerberos delegation
-// with.
-const char kAuthNegotiateDelegateWhitelist[] =
-    "auth.negotiate_delegate_whitelist";
-
 #if defined(OS_CHROMEOS)
 // Dictionary for transient storage of settings that should go into signed
 // settings storage before owner has been assigned.
diff --git a/chrome/common/pref_names.h b/chrome/common/pref_names.h
index 6200467..0d5275c 100644
--- a/chrome/common/pref_names.h
+++ b/chrome/common/pref_names.h
@@ -400,12 +400,6 @@ extern const char kSignedSettingsTempStorage[];
 
 extern const char kRegisteredBackgroundContents[];
 
-extern const char kAuthSchemes[];
-extern const char kDisableAuthNegotiateCnameLookup[];
-extern const char kEnableAuthNegotiatePort[];
-extern const char kAuthServerWhitelist[];
-extern const char kAuthNegotiateDelegateWhitelist[];
-
 }  // namespace prefs
 
 #endif  // CHROME_COMMON_PREF_NAMES_H_