124df9f038
The Negotiate authentication scheme can support multiple different types of authentication. The two most popular are NTLM and Kerberos. When we supported NTLM, we'd first try Kerberos, and if it failed, fall back to NTLM. However, we no longer support NTLM, but some people still have server configuration that uses NTLM via Negotiate. For these people, authentication may be broken. Let's fall back to Basic in such a case by keeping track of which authentication mechanisms we've tried, keeping only the supported mechanisms if we got a response, and stripping out failing mechanisms, falling back to Basic. To help with servers that support both Negotiate and Basic, we specifically consider SPNEGO (Negotiate) errors as authentication errors. This is because if the server supports Kerberos but the client does not have a ticket, then we'll get an error trying to read the client's tickets, which will manifest in this way. |
||
---|---|---|
.. | ||
access.go | ||
creds_nix.go | ||
creds_test.go | ||
creds_windows.go | ||
creds.go | ||
netrc_test.go | ||
netrc.go |