Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: C NTLM Authorization via HTTP
Top Forums Programming C NTLM Authorization via HTTP Post 302205972 by edvin on Monday 16th of June 2008 04:25:16 PM
Old 06-16-2008
Question C NTLM Authorization via HTTP
Greetings,

I am writing a C socket application that needs NTLM authorization before it can post HTTP requests, and
I am having trouble with NTLM authorization messages.

:b: I've found the following urls extremely valuable for creating message functions:
Furthermore, I've been able to validate my response functions by utilizing input values from the examples found in the above URL.

Even though I am using XP client and W2003 server, I expected that NTLMv1 authentication work, see Implementing CIFS: SMB

Using Network Monitor I observed the traffic of another client (MSXML2.ServerXMLHTTP). After decoding base64 NTLMAuthorization and WWWAuthenticate messages, I found that “Negotiate NTLM2 Key” (0x00080000) is set, which is why I am assuming the NTLM session response is utilized:
The NTLM Authentication Protocol and Security Support Provider

As I mentioned earlier, when I plug-in sample client_challange (nonce), and server_challange, username, password in my functions I get the same NTLM response
as the above section. However, :confused: when I utilize my own information, I end up with
“HTTP/1.1 401 Unauthorized” in response for my message3.

I am authenticating against TARGET_TYPE_SERVER, thus, we are dealing with server level validation rather than domain.

I just have not been able to nail down the right sequence of flags and responses. I would be greatful to any guidance in resolving my issue.

Thanks in advance
 

7 More Discussions You Might Find Interesting

1. HP-UX

SMTP and NTLM

Hi, I have a HP Unix from which I'm trying to connect to an email server through telnet and test sending emails using commands. Why am I doing that is not important. The email server is an Exchange server and it looks like that the only Authentication method it supports is NTLM. The host name... (0 Replies)
Discussion started by: gheibia
0 Replies

2. Programming

sending http url through http socket programming..

hi am senthil am developing a software to send and receive SMS using HTTP connection first of all am forming a URL and sending that URL to a remote server using my Client Program i send that url through Socket(using Send() Function) if i send more than one URL one by one using the same... (0 Replies)
Discussion started by: senkerth
0 Replies

3. Shell Programming and Scripting

sending http url through http socket programming..

hi am senthil am developing a software to send and receive SMS using HTTP connection first of all am forming a URL and sending that URL to a remote server using my Client Program i send that url through Socket(using Send() Function) if i send more than one URL one by one using the same... (4 Replies)
Discussion started by: senkerth
4 Replies

4. UNIX for Dummies Questions & Answers

Configure Cyrus SASL NTLM Plugin with Postfix

Hello I hope somebody can help with this. I have a shell, that in case of failure, sends an email (relaying through an Exchange Server). This Exchange server only offers NTLM authentication. 250-AUTH NTLM This is the configuration I have: Postfix 2.1.1 as client. Cyrus-SASL... (1 Reply)
Discussion started by: viktor1985
1 Replies

5. Shell Programming and Scripting

Configure Cyrus SASL NTLM Plugin with Postfix

Hello I hope somebody can help with this. I have a shell, that in case of failure, sends an email (relaying through an Exchange Server). This Exchange server only offers NTLM authentication. 250-AUTH NTLM This is the configuration I have: Postfix 2.1.1 as client. Cyrus-SASL... (1 Reply)
Discussion started by: viktor1985
1 Replies

6. Web Development

HTTP Headers Reference: HTTP Status-Codes

Hypertext Transfer Protocol -- HTTP/1.1 for Reference - HTTP Headers 10 Status Code Definitions Each Status-Code is described below, including a description of which method(s) it can follow and any metainformation required in the response. (1 Reply)
Discussion started by: Neo
1 Replies

7. Shell Programming and Scripting

awk script to find time difference between HTTP PUT and HTTP DELETE requests in access.log

Hi, I'm trying to write a script to determine the time gap between HTTP PUT and HTTP DELETE requests in the HTTP Servers access log. Normally client will do HTTP PUT to push content e.g. file_1.txt and 21 seconds later it will do HTTP DELETE, but sometimes the time varies causing some issues... (3 Replies)
Discussion started by: Juha
3 Replies

LEARN ABOUT MOJAVE

gss

gss(5)							      BSD File Formats Manual							    gss(5)

NAME

     gss -- how to configure gss framework

DESCRIPTION

     The gss GSS.frameworks have several configuration domains, all can configured with defaults(1).

     Configuration can be stored both in the user's configuration ( ~/Library/Preferences) and system ( /Library/Preferences ).

CONFIGURATION OPTIONS

     Use gsstool(1) to list the supported options and their settings:
	   gsstool supported-mech --options

     Common options are:

     NTLM 'Force NTLMv1'
	     Force client to use NTLMv1

     NTLM NTLMv1
	     Enable support for NTLMv1 in both client and server

     NTLM NTLMv2
	     Enable support for NTLMv2 in both client and server

     NTLM 'NTLM session key'
	     Require backends to support for NTLMv2 session key, Lion and earlier dont support this.  Session keys is required for NTLM MIC that
	     stops reflection attacks.

     NTLM 'AllowedHosts'
	     What hosts that NTLM is allowed to be used for. When there a host that is not on the list, NTLM will not be used. File globbing is
	     used when matching and it's case insensitive.  When there is no configuration, all hosts are allowed.

	     defaults write com.apple.GSS.NTLM AllowedHosts -array host.local '*.my.domain'

NTLM options
     If you want to disable NTLM support completely in both the acceptor (server) and initiator (client), you need disable both NTLMv1 and NTLMv2,
     and set their values to boolean false or 0.

     defaults write com.apple.GSS.NTLM NTLMv1 -bool false
     defaults write com.apple.GSS.NTLM NTLMv2 -bool false

APPLE MAC OS X

     You can use the defaults write command to change the options, for simple boolean options, use this:
	   defaults write com.apple.GSS.NTLM NTLMv1 -bool false

     You can also turn on debugging (output in syslog) using:
	   defaults write com.apple.GSS DebugLevel -int 10
	   open -a Console

SEE ALSO

     defaults(1), gss_mo(3), heimdal_debug(1)

HEIMDAL 
							    Sep 1, 2010 							   HEIMDAL
All times are GMT -4. The time now is 05:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy