Bug #62195 [Opn]: NTLM authentication of current user on different host fails

a dot schilder at gmx dot de Mon, 11 Jun 2012 06:23:15 -0700

Edit report at https://bugs.php.net/bug.php?id=62195&edit=1


 ID:                 62195
 User updated by:    a dot schilder at gmx dot de
 Reported by:        a dot schilder at gmx dot de
-Summary:            NTML authentication of current user on different
                     host fails
+Summary:            NTLM authentication of current user on different
                     host fails
 Status:             Open
 Type:               Bug
 Package:            cURL related
 Operating System:   Windows Server 2008R2
 PHP Version:        5.4.3
 Block user comment: N
 Private report:     N

 New Comment:

Typo in summary corrected


Previous Comments:
------------------------------------------------------------------------
[2012-05-31 10:15:50] a dot schilder at gmx dot de

Description:
------------
A request with NTML authentication using the current, authenticated user 
(CURLOPT_USERPWD ":") doesn't work, when doing a request to another host in the 
same domain. Settings the same credentials directly for CURLOPT_USERPWD works 
as expected.

Test script:
---------------
Script on "server1.domainXYZ", user already authenicated.
Curl requests to "server1.domainXYZ" and "server2.domainXYZ".


Version 1 (Server 1, explicitly setting the credentials of the current user):
...
curl_setopt($ch, CURLOPT_URL, 'http://server1.domainXYZ/file.php');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERPWD, "domainXYZ\\userX:passwordY");
...


Version 2 (Server 1, using current user):
...
curl_setopt($ch, CURLOPT_URL, 'http://server1.domainXYZ/file.php');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERPWD, ":");
...


Version 3 (Server 2, explicitly setting the credentials of the current user):
...
curl_setopt($ch, CURLOPT_URL, 'http://server2.domainXYZ/file.php');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERPWD, "domainXYZ\\userX:passwordY");
...


Version 4 (Server 2, using current user):
...
curl_setopt($ch, CURLOPT_URL, 'http://server2.domainXYZ/file.php');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERPWD, ":");
...

Expected result:
----------------
Version 1: works
Version 2: works
Version 3: works
Version 4: works

Actual result:
--------------
Version 1: works
Version 2: works
Version 3: works
Version 4: doesn't work

In Version 1-3 the user name is correctly sent and logged in the IIS logs 
("cs-username").

In Version 4, the user name in the IIS logs is empty ("-"), so no user name is 
sent by cURL.


------------------------------------------------------------------------



-- 
Edit this bug report at https://bugs.php.net/bug.php?id=62195&edit=1

Bug #62195 [Opn]: NTLM authentication of current user on different host fails

Reply via email to