Bug 1446482 - Add policy for integrated auth prefs. r=Felipe
authorMichael Kaply <mozilla@kaply.com>
Mon, 02 Apr 2018 16:09:11 -0500
changeset 411389 173ac8b5a196d1159acb4ed4f1ddf52f28de50ba
parent 411388 55602e9462ae04c0023339cda4b10ffa40d481c3
child 411390 8fbafbc46da259a054dd00feb93abc20e3140c56
push id101643
push userdluca@mozilla.com
push dateTue, 03 Apr 2018 04:25:27 +0000
treeherdermozilla-inbound@ac667545d8aa [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersFelipe
bugs1446482
milestone61.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1446482 - Add policy for integrated auth prefs. r=Felipe MozReview-Commit-ID: 3V7EBSiVK4A
browser/components/enterprisepolicies/Policies.jsm
browser/components/enterprisepolicies/schemas/policies-schema.json
browser/components/enterprisepolicies/tests/browser/browser_policies_simple_pref_policies.js
--- a/browser/components/enterprisepolicies/Policies.jsm
+++ b/browser/components/enterprisepolicies/Policies.jsm
@@ -56,16 +56,30 @@ var EXPORTED_SYMBOLS = ["Policies"];
  *   It will be different for each policy. It could be a boolean,
  *   a string, an array or a complex object. All parameters have
  *   been validated according to the schema, and no unknown
  *   properties will be present on them.
  *
  * The callbacks will be bound to their parent policy object.
  */
 var Policies = {
+  "Authentication": {
+    onBeforeAddons(manager, param) {
+      if ("SPNEGO" in param) {
+        setAndLockPref("network.negotiate-auth.trusted-uris", param.SPNEGO.join(", "));
+      }
+      if ("Delegated" in param) {
+        setAndLockPref("network.negotiate-auth.delegation-uris", param.Delegated.join(", "));
+      }
+      if ("NTLM" in param) {
+        setAndLockPref("network.automatic-ntlm-auth.trusted-uris", param.NTLM.join(", "));
+      }
+    }
+  },
+
   "BlockAboutAddons": {
     onBeforeUIStartup(manager, param) {
       if (param) {
         manager.disallowFeature("about:addons", true);
       }
     }
   },
 
--- a/browser/components/enterprisepolicies/schemas/policies-schema.json
+++ b/browser/components/enterprisepolicies/schemas/policies-schema.json
@@ -1,12 +1,40 @@
 {
   "$schema": "http://json-schema.org/draft-04/schema#",
   "type": "object",
   "properties": {
+    "Authentication": {
+      "description": "Sites that support integrated authentication. See https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication",
+      "first_available": "60.0",
+      "enterprise_only": true,
+
+      "type": "object",
+      "properties": {
+        "SPNEGO" : {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "Delegated" : {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "NTLM" : {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+
     "BlockAboutAddons": {
       "description": "Block access to the Add-ons Mananger (about:addons).",
       "first_available": "60.0",
 
       "type": "boolean"
     },
 
     "BlockAboutConfig": {
--- a/browser/components/enterprisepolicies/tests/browser/browser_policies_simple_pref_policies.js
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policies_simple_pref_policies.js
@@ -70,16 +70,32 @@ const POLICIES_TESTS = [
     }
   },
 
   // POLICY: OverrideFirstRunPage
   {
     policies: { "OverrideFirstRunPage": "https://www.example.com/" },
     lockedPrefs: { "startup.homepage_welcome_url": "https://www.example.com/" },
   },
+
+  // POLICY: Authentication
+  {
+    policies: {
+      "Authentication": {
+        "SPNEGO": ["a.com", "b.com"],
+        "Delegated": ["a.com", "b.com"],
+        "NTLM": ["a.com", "b.com"],
+      }
+    },
+    lockedPrefs: {
+      "network.negotiate-auth.trusted-uris": "a.com, b.com",
+      "network.negotiate-auth.delegation-uris": "a.com, b.com",
+      "network.automatic-ntlm-auth.trusted-uris": "a.com, b.com",
+    }
+  },
 ];
 
 add_task(async function test_policy_remember_passwords() {
   for (let test of POLICIES_TESTS) {
     await setupPolicyEngineWithJson({
       "policies": test.policies
     });