Re: Read/write proxy authentication info into keychain
Re: Read/write proxy authentication info into keychain
- Subject: Re: Read/write proxy authentication info into keychain
- From: Jim Luther <email@hidden>
- Date: Thu, 9 Mar 2006 14:24:32 -0800
Patrick,
Good question.
Since the keychain doesn't have an attribute for the domain, we use
the same method for combining the domain with the username that
Windows uses -- combine the domain and username into a single string
in the format: domain "\" username
Here's a function that combines the domain with the username (if there
is a domain) and returns it in a new string (which you'll need to free).
char * CombineDomainUsername(const char * domain, const char * username)
{
char * result;
if ( (domain == NULL) || (strlen(domain) == 0) ) {
result = malloc(strlen(username) + 1);
if ( result != NULL ) {
strcpy(result, username);
}
}
else {
result = malloc(strlen(domain) + strlen(username) + 2);
if ( result != NULL ) {
strcpy(result, domain);
strcat(result, "\\");
strcat(result, username);
}
}
return ( result );
}
Now you're probably wondering... "When I get the username from the
keychain, do I need to break the combined domain\username back apart
before passing it to CFHTTPAuthentication?"
No, you don't need to split it back up if you use
CFHTTPMessageApplyCredentials(). CFHTTPMessageApplyCredentials() sees
a domain is needed to authenticate, it will look at the username and
if it contains a '\', it will be split into the domain and username
pieces.
However, if you use CFHTTPMessageApplyCredentialDictionary(), you'll
need to split the username up yourself and if there's a domain, add it
to the credentials dictionary with the
kCFHTTPAuthenticationAccountDomain key. You'd do that with code
something like this:
CFArrayRef list;
list = CFStringCreateArrayBySeparatingStrings(CFGetAllocator
(username), username, CFSTR("\\"));
if ( (list == NULL ) || (CFArrayGetCount(list) != 2) ) {
CFDictionaryAddValue(dict, kCFHTTPAuthenticationUsername, username);
}
else {
CFDictionaryAddValue(dict, kCFHTTPAuthenticationAccountDomain,
CFArrayGetValueAtIndex(list, 0));
CFDictionaryAddValue(dict, kCFHTTPAuthenticationUsername,
CFArrayGetValueAtIndex(list, 1));
}
if (list) {
CFRelease(list);
}
- Jim
On Mar 9, 2006, at 12:18 PM, Patrick Lee wrote:
Hi,
I'm writing a HTTP tunneling application and I need to read and
write proxy authentication info into keychain. I knew how to read
account and password credentials from keychain with these code:
SecKeychainAttribute attr;
SecKeychainAttributeList attrList;
UInt32 length;
void *outData;
// Account name attribute
attr.tag = kSecAccountItemAttr;
attr.length = 0;
attr.data = NULL;
attrList.count = 1;
attrList.attr = &attr;
error = SecKeychainItemCopyContent(itemRef, NULL,
&attrList, &length, &outData);
When it comes to NTLM authentication, I also need to read the domain
value. I'd tried kSecSecurityDomainItemAttr but it doesn't seem to
work. Any idea?
Patrick
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden