Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not providing mutual authentication #35

Closed
mkomitee opened this issue Aug 8, 2014 · 1 comment · Fixed by #36
Closed

Not providing mutual authentication #35

mkomitee opened this issue Aug 8, 2014 · 1 comment · Fixed by #36

Comments

@mkomitee
Copy link
Collaborator

mkomitee commented Aug 8, 2014

I noticed today that we're not actually authenticating the server responses. In handle_401 we call authenticate_user and return the resulting response to the caller, handle_response, which passes it back to the user. Under normal circumstances, we never call handle_other, which is where mutual authentication occurs.

I'm a bad person and I feel bad.

I have a fix in my fork, but I'm not submitting it yet because it breaks tests.
@mkomitee mkomitee changed the title Not authentication server in all cases Not providing mutual authentication Aug 8, 2014
@mkomitee
Copy link
Collaborator Author

mkomitee commented Aug 8, 2014

For those who are interested in getting it before I can fix the test, the fix is at mkomitee@17497b8

@mkomitee mkomitee mentioned this issue Aug 23, 2014
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Handle mutual authentication mkomitee/requests-kerberos
1 participant
@mkomitee