Add support for delegated kerberos tickets to Negotiate authentication.

This is controlled by the --auth-negotiate-delegate-whitelist command line. By default no servers are delegated to. BUG=50076 TEST=net_unittests, go to an IIS server specified in --auth-negotiate-delegate-whitelist and see if this works correctly. Review URL: http://codereview.chromium.org/3155046 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@57695 0039d316-1c4b-4281-b951-d872f2087c98
author: cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-08-27 17:35:02 +0000
committer: cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-08-27 17:35:02 +0000
commit: d201b200e947d18ede55706197c62dbaeace8d5f (patch)
tree: 7413f58244f2c7eb3352284411f3b72a8287442d /net/http/url_security_manager.h
parent: c58030205f55b793ec6cedbaa1967ccc4a9f3465 (diff)
download: chromium_src-d201b200e947d18ede55706197c62dbaeace8d5f.zip
chromium_src-d201b200e947d18ede55706197c62dbaeace8d5f.tar.gz
chromium_src-d201b200e947d18ede55706197c62dbaeace8d5f.tar.bz2
1 files changed, 37 insertions, 9 deletions
diff --git a/net/http/url_security_manager.h b/net/http/url_security_manager.h
index 151a446..5e148b4 100644
--- a/net/http/url_security_manager.h
+++ b/net/http/url_security_manager.h
@@ -23,12 +23,34 @@ class URLSecurityManager {
   virtual ~URLSecurityManager() {}
 
   // Creates a platform-dependent instance of URLSecurityManager.
-  // The URLSecurityManager takes ownership of the HttpAuthFilter.
-  static URLSecurityManager* Create(HttpAuthFilter* whitelist);
+  //
+  // |whitelist_default| is the whitelist of servers that default credentials
+  // can be used with during NTLM or Negotiate authentication. If
+  // |whitelist_default| is NULL and the platform is Windows, it indicates
+  // that security zone mapping should be used to determine whether default
+  // credentials sxhould be used. If |whitelist_default| is NULL and the
+  // platform is non-Windows, it indicates that no servers should be
+  // whitelisted.
+  //
+  // |whitelist_delegate| is the whitelist of servers that are allowed
+  // to have Delegated Kerberos tickets. If |whitelist_delegate| is NULL,
+  // no servers can have delegated Kerberos tickets.
+  //
+  // Both |whitelist_default| and |whitelist_delegate| will be owned by
+  // the created URLSecurityManager.
+  //
+  // TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter
+  //                 and just copy into the URLSecurityManager?
+  static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default,
+                                    const HttpAuthFilter* whitelist_delegate);
 
   // Returns true if we can send the default credentials to the server at
   // |auth_origin| for HTTP NTLM or Negotiate authentication.
-  virtual bool CanUseDefaultCredentials(const GURL& auth_origin) = 0;
+  virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0;
+
+  // Returns true if Kerberos delegation is allowed for the server at
+  // |auth_origin| for HTTP Negotiate authentication.
+  virtual bool CanDelegate(const GURL& auth_origin) const = 0;
 
  private:
   DISALLOW_COPY_AND_ASSIGN(URLSecurityManager);
@@ -36,26 +58,32 @@ class URLSecurityManager {
 
 class URLSecurityManagerWhitelist : public URLSecurityManager {
  public:
-  // The URLSecurityManagerWhitelist takes ownership of the HttpAuthFilter.
-  explicit URLSecurityManagerWhitelist(HttpAuthFilter* whitelist);
+  // The URLSecurityManagerWhitelist takes ownership of the whitelists.
+  URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default,
+                              const HttpAuthFilter* whitelist_delegation);
 
   // URLSecurityManager methods.
-  virtual bool CanUseDefaultCredentials(const GURL& auth_origin);
+  virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const;
+  virtual bool CanDelegate(const GURL& auth_origin) const;
 
  private:
-  scoped_ptr<HttpAuthFilter> whitelist_;
+  scoped_ptr<const HttpAuthFilter> whitelist_default_;
+  scoped_ptr<const HttpAuthFilter> whitelist_delegate_;
 
   DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist);
 };
 
 #if defined(UNIT_TEST)
-// An URLSecurityManager which always allows default credentials.
+// An URLSecurityManager which is very permissive.
 class URLSecurityManagerAllow : public URLSecurityManager {
  public:
   URLSecurityManagerAllow() {}
   virtual ~URLSecurityManagerAllow() {}
 
-  virtual bool CanUseDefaultCredentials(const GURL& auth_origin) {
+  virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const {
+    return true;
+  }
+  virtual bool CanDelegate(const GURL& auth_origin) const {
     return true;
   }
author	cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-08-27 17:35:02 +0000
committer	cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-08-27 17:35:02 +0000
commit	d201b200e947d18ede55706197c62dbaeace8d5f (patch)
tree	7413f58244f2c7eb3352284411f3b72a8287442d /net/http/url_security_manager.h
parent	c58030205f55b793ec6cedbaa1967ccc4a9f3465 (diff)
download	chromium_src-d201b200e947d18ede55706197c62dbaeace8d5f.zip chromium_src-d201b200e947d18ede55706197c62dbaeace8d5f.tar.gz chromium_src-d201b200e947d18ede55706197c62dbaeace8d5f.tar.bz2