[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NTLM Authentication Project
Hi Thomas,
Scott mentions this in an aside remark in this message:
Re: (GSKit) I/O: A connection with a remote socket was reset by that socket.
of wednesday, 1 juni 2005 18:43.
" If you wanted to specify this keyword with HTTPAPI, you could do so by
registering an "additional header" exit proc, and adding the Connection:
keep-alive and keep-alive: 300 data to the header. "
Kind regards,
Loek Maartens.
----- Original Message -----
From: "Thomas Raddatz" <thomas.raddatz@xxxxxxxxxxx>
To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Sunday, April 22, 2012 4:34 PM
Subject: Re: NTLM Authentication Project
> Loek,
>
> Thank you so much for this specific link. It exactly describes what I
> mentioned in my first posting about the "keep-alive" header:
>
> "As mentioned above, this scheme authenticates connections, not requests
> ..."
>
> Now that we know that the connection must be kept alive between the type-2
> and type-3 messages, the next question is: How can we improve HTTP API to
> support persistent connections.
>
> Regards,
>
> Thomas.
>
> Am 22.04.2012 15:55, schrieb Loek Maartens:
>> Hi Thomas,
>>
>> Also an additional resource is:
>>
>> http://www.innovation.ch/personal/ronald/ntlm.html
>>
>> Kind regards,
>>
>> Loek Maartens.
>>
>>
>> ----- Original Message -----
>> From: "Thomas Raddatz"<thomas.raddatz@xxxxxxxxxxx>
>> To: "HTTPAPI and FTPAPI Projects"<ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
>> Sent: Sunday, April 22, 2012 3:38 PM
>> Subject: Re: NTLM Authentication Project
>>
>>
>>> Loek,
>>>
>>> Thank you for your response. Do you mean this document:
>>>
>>> http://www.devshed.com/c/a/Administration/Authentication-in-Samba/1/
>>>
>>> The documentation that I used so far is:
>>>
>>> http://davenport.sourceforge.net/ntlm.html#type3MessageExample
>>> http://jcifs.samba.org/ (Java source code)
>>> http://msdn.microsoft.com/en-us/library/cc236621%28v=prot.13%29.aspx
>>>
>>> http://mxr.mozilla.org/mozilla/source/security/manager/ssl/src/nsNTLMAuthModule.cpp
>>> (c++ Firefox source code)
>>>
>>> My current service program follows the "jcifs.samba.org" implementation.
>>>
>>> Actually everything seems to be simple. I do not know what I am doing
>>> wrong. It must be something obvious.
>>>
>>> Thomas.
>>>
>>> Am 22.04.2012 15:12, schrieb Loek Maartens:
>>>> Hi Thomas,
>>>>
>>>> I do not have any experience with the MS NTLM api, but just found a PDF
>>>> document from MS detailing the HTTP use of NTLM;
>>>>
>>>> I just googled with {NTLMv1, the actual protocol details} and found a
>>>> very
>>>> details API specification as the second document presented.
>>>>
>>>> Hope to help,
>>>>
>>>> Loek Maartens.
>>>>
>>>> ----- Original Message -----
>>>> From: "Thomas Raddatz"<thomas.raddatz@xxxxxxxxxxx>
>>>> To: "HTTPAPI and FTPAPI Projects"<ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
>>>> Sent: Sunday, April 22, 2012 2:22 PM
>>>> Subject: NTLM Authentication Project
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> Is there somebody who has experiences in using the NTLM authentication
>>>>> mechanism? I am trying to add NTLM authentication to HTTP API with
>>>>> less
>>>>> success so far.
>>>>>
>>>>> Although all my RPGUnit test cases show "green" for all the various
>>>>> procedures for calculating this and that, I cannot successfully
>>>>> connect
>>>>> to
>>>>> the IIS server on my local desktop PC. I always get a 401 "Access
>>>>> Denied"
>>>>> error message.
>>>>>
>>>>> I must be doing something wrong. Most likely it is something obviously
>>>>> that
>>>>> I do not see. One thing I have in mind is the "keep-alive" header.
>>>>> When
>>>>> I
>>>>> connect from my PC to the IIS on a virtual machine, I can see that
>>>>> both
>>>>> (client and server) set the "keep-alive" header and that the
>>>>> NTLMSSP_NEGOTIATE and NTLMSSP_AUTH messages are send through the same
>>>>> port.
>>>>> As far as I understand HTTP API, HTTP API does not support the
>>>>> "keep-alive"
>>>>> header and hence my RPG program uses different ports to send these
>>>>> messages.
>>>>>
>>>>> I gladly provide more details or my test library to everyone how want
>>>>> to
>>>>> join me.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Thomas.
>>>>> -----------------------------------------------------------------------
>>>>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>>> -----------------------------------------------------------------------
>>>>
>>>> -----------------------------------------------------------------------
>>>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> -----------------------------------------------------------------------
>>>>
>>> -----------------------------------------------------------------------
>>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>> -----------------------------------------------------------------------
>>
>> -----------------------------------------------------------------------
>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>> http://www.scottklement.com/mailman/listinfo/ftpapi
>> -----------------------------------------------------------------------
>>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------