[Rt-commit] [svn] r788 - in rt: . branches/rt-3.3/html/REST/2.0

Sat May 1 07:44:59 EDT 2004

Author: autrijus
Date: Sat May  1 07:44:58 2004
New Revision: 788

Modified:
   rt/   (props changed)
   rt/branches/rt-3.3/html/REST/2.0/dhandler
Log:
 ----------------------------------------------------------------------
 r4331 at not:  autrijus | 2004-05-01T11:44:31.355329Z
 
 * do not offer WSSE auth to non-atom clients, and vice versa,
   to avoid spurious auth warnings.
 ----------------------------------------------------------------------


Modified: rt/branches/rt-3.3/html/REST/2.0/dhandler
==============================================================================

--- rt/branches/rt-3.3/html/REST/2.0/dhandler	(original)
+++ rt/branches/rt-3.3/html/REST/2.0/dhandler	Sat May  1 07:44:58 2004
@@ -12,19 +12,20 @@
 my $nonce = Digest::MD5::md5_hex($realm . rand());
 my %methods = map {($_ => 1)} @RT::RESTAuthenticationMethods;
 
+my $atom_client = ($r->header_in('User-Agent') =~ /\batom\b/i);
 my $header_out = sub {
     $ENV{FCGI_ROLE} ? $r->header_out(@_) : $r->headers_out->add(@_);
 };
 
 $header_out->(
     'WWW-Authenticate' => qq(WSSE realm="$realm", profile="UsernameToken")
-) if $methods{WSSE};
+) if $methods{WSSE} and $atom_client;
 $header_out->(
     'WWW-Authenticate' => qq(Digest realm="$realm", stale=false, nonce="", qop="auth", algorithm="MD5")
-) if $methods{Digest};
+) if $methods{Digest} and !$atom_client;
 $header_out->(
     'WWW-Authenticate' => qq(Basic realm="$realm")
-) if $methods{Basic};
+) if $methods{Basic} and !$atom_client;
 
 my $CurrentUser;
 my $headerParts = sub {
