Description
Hello everyone,
we are using the cpp rest sdk (currently version 2.4) in an http client using ssl within a bigger project where we allow users to specify ip and port of a proxy server and in addition the authentication method they want to use/allow (basic or ntlm). It seems like the authentication method within the rest sdk is done automatically (ChooseAuthScheme in http_client_winhttp.cpp) depending on the capabilities of the proxy server. So in our scenario it is possible for our users to (erroneously) specify IP and port address of a server that only allows basic auth while specifying ntlm as their only and preferred auth method. However, the cpp rest sdk code will happily detect that the proxy server that the user chose only supports basic auth and so it will use basic auth and reveal users' credentials. Is there a way to use the http client functionality in such a way that we can specify not only ip address, port and proxy credentials but also to specify the authentication method we prefer, so that a client call will fail if the server doesn't support the auth method we specified?
Any help appreciated,
Stefan Kuhr