Plasma GitLab Archive
Projects Blog Knowledge

Class Nethttp_client.basic_auth_handler

class basic_auth_handler : ?enable_reauth:bool -> ?skip_challenge:bool -> #key_handler -> auth_handler

Basic authentication. Authentication information is obtained by the passed key_handler. Note that basic authentication is insecure and should only be run over TLS. But even then, the server obtains the password in clear. Use other methods if possible.

enable_reauth: If set to true, a quicker authentication mode is enabled: when a request is sent out, it is checked whether a previous request/response cycle exists that needed authentication. If so, the same credentials are added to the request. Normally, the request would be sent without credentials first, and only after getting the authentication challenge the request is resent with the credentials. Reauthentication is only done for the same realm and the same domain. The path of the request URI, however, may be different.

skip_challenge: This option enables a mode so that the credentials are added to HTTP requests even before any response has been seen by the server. This adds additional security risks, and may cause that credentials are sent to servers that forge their identity. As no challenge is known, the realm string is simply assumed to be "anywhere".

This web site is published by Informatikbüro Gerd Stolpmann
Powered by Caml