Add support for ntlm authentication #2658
Conversation
There was a problem hiding this comment.
Wow nice!
As long as CI says OK and the encoding stuff is fixed :)
I have some concerns about netcore and mono compat but in theory when CI is green it should be OK.
Regarding a x-plat paket-files NTLM is a bit of a problem, isn't it? So basically authtype: "ntlm" would render the file unusable on non-windows?
| let configWithPassword = """ | ||
| source http://www.nuget.org/api/v2 username: "tat� tata" password: "you got hacked!" | ||
| let configWithPasswordNoAuthType = """ | ||
| source http://www.nuget.org/api/v2 username: "tat� tata" password: "you got hacked!" |
There was a problem hiding this comment.
Ooh yikes, I'll have a look!
|
Yes, I think you're right - specifying NTLM in a file would mean it can't be used on non-windows. I had considered limiting the auth type specification to config files for that reason, but I ultimately decided that if your nuget feed requires windows auth, you're already in trouble if you're not on windows. Do you think that makes sense? |
|
Yep, just asking for confirmation I guess :) |
samhanes
force-pushed
the
ntlm-auth-support
branch
from
72f9efa to
321c346
Compare
samhanes
force-pushed
the
ntlm-auth-support
branch
from
321c346 to
e012329
Compare
| ``` | ||
|
|
||
| If you don't want to check your username and password into source control, you | ||
| can use environment variables instead: | ||
|
|
||
| ```paket | ||
| source http://myserver/nuget/api/v2 username: "%PRIVATE_FEED_USER%" password: "%PRIVATE_FEED_PASS%" | ||
| source http://myserver/nuget/api/v2 username: "%PRIVATE_FEED_USER%" password: "%PRIVATE_FEED_PASS%" authtype: "ntlm" |
There was a problem hiding this comment.
You need either username/password OR ntlm, right?
There was a problem hiding this comment.
Or do you need to enter your windows account and password? It should be able to use the current windows account.
There was a problem hiding this comment.
No, the default credentials aren't used - just a different authentication scheme. See my reply to your other comment. :)
|
So i may be misunderstanding something, I haven't looked at this too deep to be honest. But normally I understand WindowsAuthentication to mean that the current ambient user account will be used, and I DON'T need to enter my password anywhere. Maybe this could help? https://stackoverflow.com/a/11414695/1872399 |
|
@0x53A Using the default credentials is certainly one use case - but in this case we'd like to use Windows credentials to a separate domain for authentication. Locally we can store them in the windows credentials manager, but this still presents a problem on the build server. The changes I've proposed would allow you to provide a username in the form of |
|
ok, makes sense. I guess if someone wants default credentials they should implement it themselves ;D |
|
WOW! This looks great! |
|
Thanks - you guys move fast! |
No description provided.