该文讨论了在网络安全中mutual_authentication的三种设置:REQUIRED强制所有响应验证,除了错误信息;OPTIONAL尝试验证但允许失败;DISABLED则完全禁用验证。不成功的验证会导致异常,而不支持验证的响应会直接传递给用户。
requests-kerberos-0.12.0\requests_kerberos\kerberos_.py
Different types of mutual authentication:
with mutual_authentication set to REQUIRED, all responses will be authenticated with the exception of errors. Errors will have their contents and headers stripped. If a non-error response cannot be authenticated, a MutualAuthenticationError exception will be raised.
with mutual_authentication set to OPTIONAL, mutual authentication will be attempted if supported, and if supported and failed, a MutualAuthenticationError exception will be raised. Responses which do not support mutual authentication will be returned directly to the user.
with mutual_authentication set to DISABLED, mutual authentication will not be attempted, even if supported.
不同类型的相互认证:
如果将mutual_authentication设置为REQUIRED,则除错误外,所有响应都将被验证。错误的内容和标题将被删除。如果无法验证非错误响应,将引发MutualAuthenticationError异常。
如果mutual_authentication设置为OPTIONAL,如果支持,将尝试相互身份验证,如果支持且失败,将引发MutualAuthenticationError异常。不支持相互身份验证的响应将直接返回给用户。
如果mutual_authentication设置为DISABLED,即使支持互认证,也不会尝试。
448
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
