[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problems with ntlm authentication (message type-2)
Timo,
Sorry for the late reply. First I was on vacation and then I had no
Internet for a week due to a broken DSL router.
Looking at your debug logs I notice some differences between the soapUI log
and the WSDL2RPG log.
First there is no NTLM authentication type-1 message sent by soapUI. But
the user credentials are part of the URL:
GET
/SPUserWebservice/SPUserWebservice.svc/rest/SetUserProfilePropertyXML?mysiteUrl=http%3A%2F%2Fmy.company.corp&username=DE%5C%5CUserName&property=ERPImportData&value=%22PurchaseOrder%3D316888%22
HTTP/1.1
The next thing is that WSDL2RPG also sends the user credentials with the
URL, but also sends a type-1 NTLM message in order to start the negotiation
of the NTLM parameters:
GET
/SPUserWebservice/SPUserWebservice.svc/rest/SetUserProfilePropertyXML?mysiteUrl=http://my.company.corp&username=DE\\UserName&property=ERPImportData&value="PurchaseOrder=316883"
HTTP/1.1
Authorization: NTLM TlRMTVNTUAABAAAAByIAAAAAAAAAAAAACgAKACAAAABRUEFERVYwMEQ5
Since the server ignores the type-1 message and hence does not return a
type-2 message, WSDL2RPG complains about the missing type-2 message:
"failed validating type-2 message"
But since the server did return the expected data, I assume that you can
safely drop http_setauth() from your program. It seems as if the server is
not set up for NTLM authentication.
Regards,
Thomas.
Am 25.07.2014 17:05, schrieb Timo:
> Hello
>
> I'm calling a web Service (SharePoint REST service) which runs under
> NTLM authentication using the NTLM patch written by Thomas.
> The debug log looks good till HTTPAPI tries to process the recvdoc()
> procedure. The web service response is a simple true/false flag, we�ve
> tried both for the response, json and xml which hasn�t any effect to
> the error message. The error message in the debug log is �failed
> validating type-2 message� which comes from NTMLR4 module. This is
> confusing for me, because before the error message I�ve got an HTTP 200
> response code and the correct response message so I�ve assumed that the
> authentication process was successfully. So the question is why I�ve
> got the �failed validating type-2 message� after the whole processing
> with the webserver is done? I�ve seen in debug, that the field
> ntlmType2Msg
> from dsAuth is empty before the check for the message type:
>
> � � � type2Msg =
> Message_decodeBase64(dsAuth.ntlmType2Msg);� � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � if (not Message_isType2(type2Msg));
> � � � � � � � � � � � � � � dsAuth.ntlmStatus =
> NTLM_NONE;� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � SetError(HTTP_NDAUTH: ' failed validating
> type-2 message');
> � � � � � � � � � � � � � � rc =
> -1;� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � �
> leave;� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �
> � �
> � � � � � � � � � � � endif;�
>
> I�ve attached the whole debug log and a log from SoapUI for the same
> service.
>
> Thanks,
>
> Timo
>
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------