[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to get back "NTLM authentication required" from http_getauth()?

From: "thomas.raddatz@xxxxxxxxxxx" <thomas.raddatz@xxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: How to get back "NTLM authentication required" from http_getauth()?
Date: Thu, 25 Oct 2012 12:37:06 +0200 (CEST)

   Hi Scott,



   Please find the NTLM patch attached to this email. I just zipped my
   local download folder of my PC. "Patches
   v1.2\httpapi_v1.25beta2_ntlm_patches_v1.2.zip" is the zip file that I
   sent to interested users to install the patch.



   Please have in mind that I tried to change HTTPAPIR4 as less as
   possible. Because of that some code blocks may appear "strange" or
   "complicated". On the other hand I was able to keep all the NTLM
   specific stuff inside NTLMR4 and its helper modules.



   The "Fixme" folder contains a debug log that belongs to test case
   TCNTLM05. In that test case http_getAuth() returns rc=#39 although the
   server returned a perfect "WWW-Authenticate" header requesting DIGEST
   authentication. Maybe that should be fixed.



   Let me know if you need additional information.



   Regards,



   Thomas.

   Scott Klement <sk@xxxxxxxxxxxxxxxx> hat am 25. Oktober 2012 um 08:18
   geschrieben:
   > Hi Thomas,
   >
   > I would love to have NTLM authentication in HTTPAPI. I think the
   > problem, previously, was that you didn't like (or maybe didn't
   > understand) the flow of events in the way HTTPAPI does
   authentication,
   > and had therefore created an alternate way of doing it. I'd really
   like
   > to make it work consistently with the way other authentication works
   > (such as digest).
   >
   > But, I no longer remember the details.
   >
   > But, for certain, I'd love to have it if you can make it fit into the
   > HTTPAPI paradigm.
   >
   >
   > On 10/24/2012 1:36 AM, thomas.raddatz@xxxxxx wrote:
   > > Scott,
   > > For sure it was great if we could include NTLM authentication in
   HTTP
   > > API. Most likely I did not understand you correctly but I thought
   that
   > > you did not like the idea of adding NTLM authentication to HTTP API
   at
   > > all. Therefore I asked for the best way of adding parameter
   "peNTLM"
   > > without breaking any compatibility.
   > > So far the patch seems to work for at least 3 users and I am wating
   for
   > > the final feedback of two more users.
   > > The patch supports NTLM v1, NTLM v1 + NTLM2 and NTLM v2. It does
   not
   > > (yet) support signing and sealing of messages. Maybe it is possible
   to
   > > add that in the future.
   > > I would gladly add parameter peNTLM to http_getAuth() if you agreed
   to
   > > adopt the patch. Feel free to read document
   > >
   [1]http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTT
   > > PAPI_and_NTLM_v1.5.pdf to get an overview of the patch.
   > > Attached you find the list of changes of HTTP API and the source
   code
   > > of HTTPAPIR4. Search for "NTLM:" to see the changes.
   > > Let me know if you need further information to make your decision.
   > > Regards,
   > > Thomas.
   > > ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx schrieb am 24.10.2012
   05:25:34:
   > > > Von: sk@xxxxxxxxxxxxxxxx
   > > > An: ftpapi@xxxxxxxxxxxxxxxxxxxxxx,
   > > > Datum: 24.10.2012 05:42
   > > > Betreff: Re: How to get back "NTLM authentication required" from
   > > > http_getauth()?
   > > > Gesendet von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
   > > >
   > > > Hi Thomas,
   > > >
   > > > I don't understand why you want the peNTLM parameter to be
   > > > "unofficial"? Why not make it a part of the base HTTPAPI
   > > distribution
   > > > so that it will always be there and available to everyone who
   wants
   > > to
   > > > use NTLM authentication?
   > > >
   > > > -SK
   > > >
   > > >
   > > > On 10/23/2012 2:34 PM, Thomas Raddatz wrote:
   > > > > Hi Scott,
   > > > >
   > > > > For now users of the NTLM patch either have to know that the
   server
   > > > > requires NTLM authentication or they have to assume it, in case
   > > > > http_getAuth() returns "0" and "false" for "peBasic" and
   > > "peDigest".
   > > > >
   > > > > Since that is somewhat ugly I need a good idea how to extend
   the
   > > > > official HTTP API to get that information.
   > > > >
   > > > > Of course I could add an unofficial parameter "peNTLM" to
   > > > > http_getAuth() but I am concerned about that you might also add
   a
   > > > > parameter (conflicting with peNTLM) some time.
   > > > >
   > > > > Adding a new procedure to the export list is not a good idea as
   > > well,
   > > > > because it would conflict with every extension that you add in
   the
   > > > > future.
   > > > >
   > > > > Do you have a good idea how to solve the problem?
   > > > >
   > > > > Regards,
   > > > >
   > > > > Thomas.
   > > > >
   > >
   -----------------------------------------------------------------------
   > > > > This is the FTPAPI mailing list. To unsubscribe, please go to:
   > > > > [2]http://www.scottklement.com/mailman/listinfo/ftpapi
   > > > >
   > >
   -----------------------------------------------------------------------
   > > > >
   > > >
   > > >
   > >
   -----------------------------------------------------------------------
   > > > This is the FTPAPI mailing list. To unsubscribe, please go to:
   > > > [3]http://www.scottklement.com/mailman/listinfo/ftpapi
   > > >
   > >
   -----------------------------------------------------------------------
   > >
   > > --
   > > IMPORTANT NOTICE:
   > > This email is confidential, may be legally privileged, and is for
   the
   > > intended recipient only. Access, disclosure, copying, distribution,
   or
   > > reliance on any of it by anyone else is prohibited and may be a
   > > criminal
   > > offence. Please delete if obtained in error and email confirmation
   to
   > > the sender.
   > >
   > > References
   > >
   > > 1.
   http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTTPAP
   I_and_NTLM_v1.5.pdf
   > > 2. http://www.scottklement.com/mailman/listinfo/ftpapi
   > > 3. http://www.scottklement.com/mailman/listinfo/ftpapi
   > >
   > >
   > >
   > >
   -----------------------------------------------------------------------
   > > This is the FTPAPI mailing list. To unsubscribe, please go to:
   > > http://www.scottklement.com/mailman/listinfo/ftpapi
   > >
   -----------------------------------------------------------------------
   >
   >
   -----------------------------------------------------------------------
   > This is the FTPAPI mailing list. To unsubscribe, please go to:
   > http://www.scottklement.com/mailman/listinfo/ftpapi
   >
   -----------------------------------------------------------------------

Attachment: NTLM Patche v1.2 (Scott Klement).zip
Description: Zip archive

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

References:
- How to get back "NTLM authentication required" from http_getauth()?
  - From: Thomas Raddatz
- Re: How to get back "NTLM authentication required" from http_getauth()?
  - From: Scott Klement
- Re: How to get back "NTLM authentication required" from http_getauth()?
  - From: thomas . raddatz
- Re: How to get back "NTLM authentication required" from http_getauth()?
  - From: Scott Klement

Prev by Date: Re: How to get back "NTLM authentication required" from http_getauth()?
Next by Date: Re: FTP Error 10
Previous by thread: Re: How to get back "NTLM authentication required" from http_getauth()?
Next by thread: Re: Unable to Get the WSDL2RPG Values.
Index(es):
- Date
- Thread