Other flags may be defined in the future */
Called to initialize an auth module. The other methods cannot be called
unless this method succeeds.
| aServiceName | the service name, which may be null if not applicable (e.g., for NTLM, this parameter should be null). |
| aServiceFlags | a bitwise-or of the REQ_ flags defined above (pass REQ_DEFAULT for default behavior). |
| aDomain | the authentication domain, which may be null if not applicable. |
| aUsername | the user's login name |
| aPassword | the user's password |
Called to get the next token in a sequence of authentication steps.
| aInToken | A buffer containing the input token (e.g., a challenge from a server). This may be null. |
| aInTokenLength | The length of the input token. |
| aOutToken | If getNextToken succeeds, then aOutToken will point to a buffer to be sent in response to the server challenge. The length of this buffer is given by aOutTokenLength. The buffer at aOutToken must be recycled with a call to nsMemory::Free. |
| aOutTokenLength | If getNextToken succeeds, then aOutTokenLength contains the length of the buffer (number of bytes) pointed to by aOutToken. |
Once a security context has been established through calls to GetNextToken()
it may be used to protect data exchanged between client and server. Calls
to Wrap() are used to protect items of data to be sent to the server.
Wrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying authentication
mechanism does not support security layers.
| aInToken | A buffer containing the data to be sent to the server |
| aInTokenLength | The length of the input token |
| confidential | If set to true, Wrap() will encrypt the data, otherwise data will just be integrity protected (checksummed) |
| aOutToken | A buffer containing the resulting data to be sent to the server |
| aOutTokenLength | The length of the output token buffer |
Unwrap() is used to unpack, decrypt, and verify the checksums on data
returned by a server when security layers are in use.
Unwrap() may return NS_ERROR_NOT_IMPLEMENTED, if the underlying
authentication mechanism does not support security layers.
| aInToken | A buffer containing the data received from the server |
| aInTokenLength | The length of the input token |
| aOutToken | A buffer containing the plaintext data from the server |
| aOutTokenLength | The length of the output token buffer |
Default behavior.
Client and server will be authenticated.
The server is allowed to impersonate the client. The REQ_MUTUAL_AUTH
flag may also need to be specified in order for this flag to take
effect.
The authentication is required for a proxy connection.
Flags used for telemetry.