[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SV: SV: Basic Authentication - Windows Sharepoint server



Hi Thomas,
 
I have been busy with another project the last couple of months, but are now ready to make a new try on NTLM and httpapi.
Does this mean that I need to download an upgraded NTLM patch?
 
Best regards,
Magne
 

________________________________

Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx på vegne av Thomas Raddatz
Sendt: ti 12.02.2013 18:42
Til: HTTPAPI and FTPAPI Projects
Emne: Re: SV: Basic Authentication - Windows Sharepoint server



Hi Magne,

Just for the records, but in fact the server seems to support three
authentication schemes: SPNEGO (Kerberos or NTLM), NTLM and BASIC.

See also: http://msdn.microsoft.com/en-us/library/ms995329.aspx

The problem is that HTTPAPI does not check all available protocols but
picks up the first protocol only.

The parameter list of http_getAuth(peBasic: peDigest: peRealm) makes be
believe, that somewhere in the past HTTPAPI checked for BASIC and DIGEST
authentication scheme and that it was changed to pick up only the first
one, later.

Today interpret_auth() is called only once and hence picks the first
authentication scheme available and ignores additional options. That is
something I had to change for my NTLM patch.

Regards,

Thomas.

Am 11.02.2013 21:19, schrieb Magne Kofoed:
> Hi,
>
> this is not Basic Authentication, but NTLM.
>
>>From your debug file:   WWW-Authenticate: NTLM
>
> Thomas Raddatz have a solution on how to use HTTPApi with NTLM.
> http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTTPAPI_and_NTLM_v1.5.pdf
>
> Best regards,
> Magne
>
>
>
>
> ________________________________
>
> Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx på vegne av Patrick Goovaerts
> Sendt: ma 11.02.2013 14:53
> Til: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
> Emne: Basic Authentication - Windows Sharepoint server
>
>
>
> Our windows Sharepoint server + IIS server running on same system has both 'Basic Authentication' enabled.  Can't figure out what the problem is, I use same to connect to another server in our environment without any problem.  Windows server log gives the following error:
> Account For Which Logon Failed:
>                  Security ID:                           NULL SID
>                  Account Name:                    PGO
>                  Account Domain:                CLIPPER
>
> Whereas it should be something like this:
>                  Security ID:                           CLIPPER\dl
>                  Account Name:                    dl
>                  Account Domain:                CLIPPER
>
> Hence the 'SecurityID'...
>
> Any suggestions????
>
>
> In my RPG app, I set following property:
> http_setAuth(HTTP_AUTH_BASIC:'CLIPPER\userid':'userpassword');
>
>
> Then I prepare XML soapmessage and execute the following code:
> rc = http_url_post(
>                    WS_Path
>                  : %addr(SOAPMSG) + 2
>                  : %len(SOAPMSG)
>                  : SoapResponse
>                  : HTTP_TIMEOUT
>                  : HTTP_USERAGENT
>                  : 'text/xml'
>         : SoapAction);
>
> This ends in the following http_error:
> This page requires a user-id & password
>
> Debuglog contains the following:
> HTTPAPI Ver 1.24 released 2012-01-23
> OS/400 Ver V7R1M0
>
> New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
> http_setauth(): entered
> http_url_post(): entered
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 3
> DNS resolver retry  : 5
> DNS resolver options: x'00000136'
> DNS default domain: CLIPPERSUPPORT.BE
> DNS server found: 10.0.0.180
> DNS server found: 10.0.0.14
> http_persist_post(): entered
> http_persist_req(POST) entered.
> http_long_ParseURL(): entered
> do_oper(POST): entered
> There are 0 cookies in the cache
> POST /TestSite/_vti_bin/copy.asmx HTTP/1.1
> Host: Sharepnt
> User-Agent: http-api/1.24
> Content-Type: text/xml
> SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetItem
> Content-Length: 347
> Authorization: Basic Q0xJUFBFUlxQR086UU9TTUlP
>
>
> senddoc(): entered
> <?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:soap="http://schemas.microsoft.com/sharepoint/soap/";> <soapenv:Header/><soapenv:Body><soap:GetItem>     <soap:Url>HTTP://sharepnt/TestSite/Sermar Dossiers/Testje.pdf</soap:Url>  </soap:GetItem></soapenv:Body></soapenv:Envelope>
> recvresp(): entered
> HTTP/1.1 401 Unauthorized
> Server: Microsoft-IIS/7.0
> SPRequestGuid: ceb76eb7-af7a-4924-a334-a7e74bd06975
> WWW-Authenticate: Negotiate
> WWW-Authenticate: NTLM
> WWW-Authenticate: Basic realm="Sharepnt"
> X-Powered-By: ASP.NET
> MicrosoftSharePointTeamServices: 14.0.0.6029
> Date: Mon, 11 Feb 2013 13:47:27 GMT
> Content-Length: 0
>
>
> SetError() #13: HTTP/1.1 401 Unauthorized
> recvresp(): end with 401
> recvdoc parms: identity 0
> interpret_auth(): entered
> SetError() #36: This page requires a user-id & password
> http_close(): entered
>
>
>
> When using
>
> Patrick Goovaerts
> Systems & Development
>
> vCard<http://www.conti7.be/VCards/PGO.vcf>
>
> [emailsignature_c]
>
>
>
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------


<<winmail.dat>>

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------