Closed k0l0nell closed 4 years ago
Please revert the dprint changes, we don't want to print auth info in the logs.
Please revert the dprint changes, we don't want to print auth info in the logs.
@genotrance Have reverted those. That said I'll revisit a different solution at a later point as being able to trace the auth-scheme through is important especially in "debug" mode.
I'm currently looking at implementing a solution for Negotiate falling back onto NTLM when having configured a proxy server hostname that maps to another domain name (CNAME). Do you mind if this all tags along in one PR?
Closed this PR for now. Will recreate and add in issues for tracking purposes as I have more potential code that can go in this space
Look forward to your PR, I could have merged this small one by itself.
I have recreated the PRs I had locally just now. Sorry for the increased overhead but I had commited using the wrong profile and I had to get that sorted :/
Some proxy servers (e.g. ZScaler) do not adhere to the RFC2617 by not accepting the Proxy-Authorisation header value when capitalised. These tokens should be case insensitive (NEGOTIATE vs Negotiate ) but in case of Zscaler Authentication fails as a result.
This change will echo the auth-scheme back to the server exactly as it was received to ensure compatibility.