Hi Scott, Please find the NTLM patch attached to this email. I just zipped my local download folder of my PC. "Patches v1.2\httpapi_v1.25beta2_ntlm_patches_v1.2.zip" is the zip file that I sent to interested users to install the patch. Please have in mind that I tried to change HTTPAPIR4 as less as possible. Because of that some code blocks may appear "strange" or "complicated". On the other hand I was able to keep all the NTLM specific stuff inside NTLMR4 and its helper modules. The "Fixme" folder contains a debug log that belongs to test case TCNTLM05. In that test case http_getAuth() returns rc=#39 although the server returned a perfect "WWW-Authenticate" header requesting DIGEST authentication. Maybe that should be fixed. Let me know if you need additional information. Regards, Thomas. Scott Klement <sk@xxxxxxxxxxxxxxxx> hat am 25. Oktober 2012 um 08:18 geschrieben: > Hi Thomas, > > I would love to have NTLM authentication in HTTPAPI. I think the > problem, previously, was that you didn't like (or maybe didn't > understand) the flow of events in the way HTTPAPI does authentication, > and had therefore created an alternate way of doing it. I'd really like > to make it work consistently with the way other authentication works > (such as digest). > > But, I no longer remember the details. > > But, for certain, I'd love to have it if you can make it fit into the > HTTPAPI paradigm. > > > On 10/24/2012 1:36 AM, thomas.raddatz@xxxxxx wrote: > > Scott, > > For sure it was great if we could include NTLM authentication in HTTP > > API. Most likely I did not understand you correctly but I thought that > > you did not like the idea of adding NTLM authentication to HTTP API at > > all. Therefore I asked for the best way of adding parameter "peNTLM" > > without breaking any compatibility. > > So far the patch seems to work for at least 3 users and I am wating for > > the final feedback of two more users. > > The patch supports NTLM v1, NTLM v1 + NTLM2 and NTLM v2. It does not > > (yet) support signing and sealing of messages. Maybe it is possible to > > add that in the future. > > I would gladly add parameter peNTLM to http_getAuth() if you agreed to > > adopt the patch. Feel free to read document > > [1]http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTT > > PAPI_and_NTLM_v1.5.pdf to get an overview of the patch. > > Attached you find the list of changes of HTTP API and the source code > > of HTTPAPIR4. Search for "NTLM:" to see the changes. > > Let me know if you need further information to make your decision. > > Regards, > > Thomas. > > ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx schrieb am 24.10.2012 05:25:34: > > > Von: sk@xxxxxxxxxxxxxxxx > > > An: ftpapi@xxxxxxxxxxxxxxxxxxxxxx, > > > Datum: 24.10.2012 05:42 > > > Betreff: Re: How to get back "NTLM authentication required" from > > > http_getauth()? > > > Gesendet von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx > > > > > > Hi Thomas, > > > > > > I don't understand why you want the peNTLM parameter to be > > > "unofficial"? Why not make it a part of the base HTTPAPI > > distribution > > > so that it will always be there and available to everyone who wants > > to > > > use NTLM authentication? > > > > > > -SK > > > > > > > > > On 10/23/2012 2:34 PM, Thomas Raddatz wrote: > > > > Hi Scott, > > > > > > > > For now users of the NTLM patch either have to know that the server > > > > requires NTLM authentication or they have to assume it, in case > > > > http_getAuth() returns "0" and "false" for "peBasic" and > > "peDigest". > > > > > > > > Since that is somewhat ugly I need a good idea how to extend the > > > > official HTTP API to get that information. > > > > > > > > Of course I could add an unofficial parameter "peNTLM" to > > > > http_getAuth() but I am concerned about that you might also add a > > > > parameter (conflicting with peNTLM) some time. > > > > > > > > Adding a new procedure to the export list is not a good idea as > > well, > > > > because it would conflict with every extension that you add in the > > > > future. > > > > > > > > Do you have a good idea how to solve the problem? > > > > > > > > Regards, > > > > > > > > Thomas. > > > > > > ----------------------------------------------------------------------- > > > > This is the FTPAPI mailing list. To unsubscribe, please go to: > > > > [2]http://www.scottklement.com/mailman/listinfo/ftpapi > > > > > > ----------------------------------------------------------------------- > > > > > > > > > > > > ----------------------------------------------------------------------- > > > This is the FTPAPI mailing list. To unsubscribe, please go to: > > > [3]http://www.scottklement.com/mailman/listinfo/ftpapi > > > > > ----------------------------------------------------------------------- > > > > -- > > IMPORTANT NOTICE: > > This email is confidential, may be legally privileged, and is for the > > intended recipient only. Access, disclosure, copying, distribution, or > > reliance on any of it by anyone else is prohibited and may be a > > criminal > > offence. Please delete if obtained in error and email confirmation to > > the sender. > > > > References > > > > 1. http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTTPAP I_and_NTLM_v1.5.pdf > > 2. http://www.scottklement.com/mailman/listinfo/ftpapi > > 3. http://www.scottklement.com/mailman/listinfo/ftpapi > > > > > > > > ----------------------------------------------------------------------- > > This is the FTPAPI mailing list. To unsubscribe, please go to: > > http://www.scottklement.com/mailman/listinfo/ftpapi > > ----------------------------------------------------------------------- > > ----------------------------------------------------------------------- > This is the FTPAPI mailing list. To unsubscribe, please go to: > http://www.scottklement.com/mailman/listinfo/ftpapi > -----------------------------------------------------------------------
Attachment:
NTLM Patche v1.2 (Scott Klement).zip
Description: Zip archive
----------------------------------------------------------------------- This is the FTPAPI mailing list. To unsubscribe, please go to: http://www.scottklement.com/mailman/listinfo/ftpapi -----------------------------------------------------------------------