class type auth_handler =object..end
An authentication handler has the capability of adding the necessary headers to messages.
method create_session : secure:bool ->
http_call ->
http_options Stdlib.ref -> auth_session optionCreate a new authentication session. The passed call has status 401.
The secure flag is set when the connection is secured by TLS.
method create_proxy_session : http_call ->
http_options Stdlib.ref -> auth_session optionSame for proxy authentication (status 407)
method identify_session : http_call ->
http_options Stdlib.ref ->
(string * string * string * int) optionExtracts (mech_name,realm,sess_id,trans_id) if possible. Only needed for multi-step challenge/response authentication. THIS IS STILL EXPERIMENTAL.
method identify_proxy_session : http_call ->
http_options Stdlib.ref ->
(string * string * string * int) optionSame for proxies. THIS IS STILL EXPERIMENTAL
method skip_challenge : boolIf true, this method allows to skip the challenge entirely for authentication. This means that the credentials are added to the HTTP request before any previous response was seen from the server. This adds additional security risks, and may cause that credentials are sent to servers that forge their identity. This is only supported for basic authentication. As no challenge is known, the realm string is simply assumed to be "anywhere".
method skip_challenge_session : http_call ->
http_options Stdlib.ref -> auth_session optionCreate a session for the case that the challenge was skipped
