Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

lwp::authen::ntlm(3) [suse man page]

LWP::Authen::Ntlm(3)					User Contributed Perl Documentation				      LWP::Authen::Ntlm(3)

NAME

       LWP::Authen::Ntlm - Library for enabling NTLM authentication (Microsoft) in LWP

SYNOPSIS

	use LWP::UserAgent;
	use HTTP::Request::Common;
	my $url = 'http://www.company.com/protected_page.html';

	# Set up the ntlm client and then the base64 encoded ntlm handshake message
	my $ua = new LWP::UserAgent(keep_alive=>1);
	$ua->credentials('www.company.com:80', '', "MyDomain\MyUserCode", 'MyPassword');

	$request = GET $url;
	print "--Performing request now...-----------
";
	$response = $ua->request($request);
	print "--Done with request-------------------
";

	if ($response->is_success) {print "It worked!->" . $response->code . "
"}
	else {print "It didn't work!->" . $response->code . "
"}

DESCRIPTION

       "LWP::Authen::Ntlm" allows LWP to authenticate against servers that are using the NTLM authentication scheme popularized by Microsoft.
       This type of authentication is common on intranets of Microsoft-centric organizations.

       The module takes advantage of the Authen::NTLM module by Mark Bush.  Since there is also another Authen::NTLM module available from CPAN by
       Yee Man Chan with an entirely different interface, it is necessary to ensure that you have the correct NTLM module.

       In addition, there have been problems with incompatibilities between different versions of Mime::Base64, which Bush's Authen::NTLM makes
       use of.	Therefore, it is necessary to ensure that your Mime::Base64 module supports exporting of the encode_base64 and decode_base64
       functions.

USAGE

       The module is used indirectly through LWP, rather than including it directly in your code.  The LWP system will invoke the NTLM
       authentication when it encounters the authentication scheme while attempting to retrieve a URL from a server.  In order for the NTLM
       authentication to work, you must have a few things set up in your code prior to attempting to retrieve the URL:

       o   Enable persistent HTTP connections

	   To do this, pass the "keep_alive=>1" option to the LWP::UserAgent when creating it, like this:

	       my $ua = new LWP::UserAgent(keep_alive=>1);

       o   Set the credentials on the UserAgent object

	   The credentials must be set like this:

	      $ua->credentials('www.company.com:80', '', "MyDomain\MyUserCode", 'MyPassword');

	   Note that you cannot use the HTTP::Request object's authorization_basic() method to set the credentials.  Note, too, that the
	   'www.company.com:80' portion only sets credentials on the specified port AND it is case-sensitive (this is due to the way LWP is coded,
	   and has nothing to do with LWP::Authen::Ntlm)

AVAILABILITY

       General queries regarding LWP should be made to the LWP Mailing List.

       Questions specific to LWP::Authen::Ntlm can be forwarded to jtillman@bigfoot.com

COPYRIGHT

       Copyright (c) 2002 James Tillman. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
       same terms as Perl itself.

SEE ALSO

       LWP, LWP::UserAgent, lwpcook.

perl v5.12.1							    2009-06-15						      LWP::Authen::Ntlm(3)

Check Out this Related Man Page

LWP::Authen::Negotiate(3pm)				User Contributed Perl Documentation			       LWP::Authen::Negotiate(3pm)

NAME

       LWP::Authen::Negotiate - GSSAPI based Authentication Plugin for LWP

SYNOPSIS

	  #! /usr/bin/perl -w

	  use strict;
	  require LWP::UserAgent;

	  # uncomment if you want see what is going wrong messages
	  #
	  #use LWP::Debug qw(+);

	  my $ua = LWP::UserAgent->new;
	  my $response = $ua->get('http://testwurst.grolmsnet.lan:8090/geheim/');
	  if ($response->is_success) {
	     print $response->content;	# or whatever
	  }
	  else {
	      die $response->status_line;
	  }

       just install LWP::Authen::Negotiate, LWP uses it as authentication plugin.  Use your LWP::UserAgent Scripts as usual.  Authentication is
       done transparent based on your GSSAPI installation (MIT Kerberos or Heimdal)

       WWW-Negotiate Webservers are IIS or Apache with mod_auth_kerb for example.

DESCRIPTION

       To see what ist going on add

	  use LWP::Debug qw(+);

       to yor LWP using Scripts.

       (e.g. too see what is going wrong with GSSAPI...)

DEBUGGING

       To see what ist going on (and going wrong) add

	  use LWP::Debug qw(+);

       to yor LWP using Scripts.

       (e.g. too see what is going wrong with GSSAPI...)

       the output will look like this:

	  LWP::UserAgent::new: ()
	  LWP::UserAgent::request: ()
	  LWP::UserAgent::send_request: GET http://testwurst.grolmsnet.lan:8090/geheim/
	  LWP::UserAgent::_need_proxy: Not proxied
	  LWP::Protocol::http::request: ()
	  LWP::Protocol::collect: read 478 bytes
	  LWP::UserAgent::request: Simple response: Unauthorized
	  LWP::Authen::Negotiate::authenticate: authenticate() called
	  LWP::Authen::Negotiate::authenticate: target hostname testwurst.grolmsnet.lan
	  LWP::Authen::Negotiate::authenticate: GSSAPI servicename     HTTP/moerbsen.grolmsnet.lan@GROLMSNET.LAN
	  LWP::Authen::Negotiate::authenticate:  Miscellaneous failure (see text)
	  LWP::Authen::Negotiate::authenticate: open(/tmp/krb5cc_1000): file not found

       In this case the credentials cache was empty.  Run kinit first ;-)

ENVIRONMENT

       LWP_AUTHEN_NEGOTIATE_DELEGATE
	   Define to enable ticket forwarding to webserver.

SEE ALSO

       http://www.kerberosprotocols.org/index.php/Draft-brezak-spnego-http-03.txt
	   Description of WWW-Negotiate protol

       http://modauthkerb.sourceforge.net/
	   the Kerberos and SPNEGO Authentication module for Apache mod_auth_kerb

       http://perlgssapi.sourceforge.net/
	   Module Homepage

       http://www.kerberosprotocols.org/index.php/Web
	   Sofware and APIs related to WWW-Negotiate

       http://www.grolmsnet.de/kerbtut/
	   describes how to let mod_auth_kerb play together with Internet Explorer and Windows2003 Server

BUGS

       As default Kerberos 5 is selected as GSSAPI mechanism.  a later veriosn will make that configureable.

AUTHOR

       Achim Grolms, <achim@grolmsnet.de>

       http://perlgssapi.sourceforge.net/

       Thanks to

       Leif Johansson
	   who has conributed a lot of code from his implementation of the module and send a lot of input, ideas and feedback

       Harald Joerg
	   helped with Kerberos knowledge and does testing on cygwin against IIS and mod_auth_kerb

       Christopher Odenbach
	   does a lot of testing on Linux and Solaris

       Dax Kelson
	   does a lot of testing on Linux

       Karsten Kuenne
	   helped with advice

COPYRIGHT AND LICENSE

       Copyright (C) 2006 by Achim Grolms <perl@grolmsnet.de>

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or,
       at your option, any later version of Perl 5 you may have available.

perl v5.10.1							    2009-10-29					       LWP::Authen::Negotiate(3pm)
Man Page