Hi Scott,
I am trying to perform a negative test in my interface by entering an invalid username and password. Previously, my interface is able to handle this scenario using HTTPAPI v1.24. I upgraded the HTTPAPI version to v1.31 and now I am having an error in module NTLMR4. Here is the error that I got:
Length or start position is out of range for the string operation.
Unmonitored exception at line 7535
In line:
token = %subst(tokens: start+1: offs-start);
Here are the values in each variable:
TOKENS = Basic realm=login
START = 12
OFFS = 2049
I noticed that one major difference between the versions is the NTLM authentication. Thus, I am trying to disable it to skip going into this line.
Thanks,
Victor
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Wednesday, April 13, 2016 1:45 AM
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: HTTPAPI - Disable NTLM Support
Victor,
We never intended for you to disable this manually... The INSTALL
program automatically enables/disables based on whether you are running
V5R3 or newer. In fact, that is the only reason there is an option to
disable it at all -- because it won't work on releases older than V5R3.
Otherwise we would never have given a disable option.
Can you explain why you want to disable it? If you don't need NTLM, just don't use it...
-SK
On 4/12/2016 2:47 AM, victor.j.l.parafina@xxxxxxxxxxxxx wrote:
Hi,
I am trying to disable NTLM Support during the installation of HTTPAPI
1.31; however after completing the installation, it seems that the tool
still supports NTLM authentication. What I have done is before creating
the Install program, I manually updated the following lines in
CONFIG_H:
From:
D/define NTLM_SUPPORT
To:
D/undefine NTLM_SUPPORT
Once done, I continued with the installation setting the following
items:
Question
Value
Would you like to build the sample programs?
N
Would you like to build HTTPAPI with SSL support?
Y
Would you like to build eXpat from source code?
N
Would you like to compile support for eXpat into HTTPAPI?
N
After the installation, I checked the same file and has the NTLM
Support option set as defined. I performed a debug and the program
still goes on to the code in which the option NTLM support is defined.
Please see example below:
/if defined(NTLM_SUPPORT)
c callp AuthPlugin_resetAuthentication()
/endif
Are there any steps that I have missed in undefining NTLM support?