Details
-
Bug
-
Resolution: Done
-
P2: Important
-
5.15.2
-
None
-
Windows
-
-
5
-
576730f599 (qt/qtbase/dev) 576730f599 (qt/tqtc-qtbase/dev)
-
Team A Foundation Sprint 57
Description
I am connecting to a Windows Communication Foundation (WCF) web service, using QNetworkRequest. I have a slot for QNetworkAccessManage::authenticationRequired, and am supplying credentials using the QAuthenticator in that slot. Server replies back with HTTP 401 Unauthorized. Also the HTTP headers from the server include "WWW-Authentication: Negotiate". This is on a Windows client also, and uses the SSPI library (not GSSAPI).
qauthenticator.cpp, around line 1631 looks like this:
// Calculate target (SPN for Negotiate, empty for NTLM) std::wstring targetNameW = ( method == QAuthenticatorPrivate::Negotiate ? QLatin1String("HTTP/") + host : QString() ).toStdWString();
The code then flows into a call to InitializeSecurityContext() and passes the targetNameW from above as a parameter. The function call fails with SEC_E_WRONG_PRINCIPAL. If I change the targetNameW to instead use QLatin1String("SPN/") + host, the call to InitializeSecurityContext() succeeds and the web service call works as expected.
Attachments
For Gerrit Dashboard: QTBUG-88869 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
411590,6 | QAuthenticator: allow to set custom SPN for Windows client | dev | qt/qtbase | Status: MERGED | +2 | 0 |