Re: [twsocket] NTLM authentication reloaded

Thu, 19 Jan 2006 09:07:20 -0800 

I don't have a specific case where it isn't working.
I was trying to fix things and I thought that someone knows how 
proxies/http servers are accecpting NTLM credentials.

Paul wrote:

>>I did this in the HTTP authentication part not in the proxy.
>>Can somebody confirm that in case of NTLM proxies, should work the same 
>>way?
>>    
>>
>
>There are several ways a proxy auth is requested,
>it depends on the proxy settings and/or domain
>or even a workgroup.
>
>- username
>- domain\username
>- [EMAIL PROTECTED]
>
>You should try them all yourself and select the one that works
>
>Paul
>
>
>
>----- Original Message ----- 
>From: "Tibor Csonka" <[EMAIL PROTECTED]>
>To: <twsocket@elists.org>
>Sent: Thursday, January 19, 2006 5:32 PM
>Subject: [twsocket] NTLM authentication reloaded
>
>
>  
>
>>Hello list,
>>
>>I've just ran into a small bug in NTLM authentication from HttpCli.
>>There is a possibility that the user enters the username as
>>domain\username.
>>In this case HttpCli will send the username and the domain as the
>>username, wich is not working (at least on IIS 6).
>>The code looks like this:
>>       Result := NtlmGetMessage3('', Hostname, FUsername, FPassword,
>>FNTLMMsg2Info.Challenge);
>>where NtlmGetMessage3 is defined as:
>>       function NtlmGetMessage3(const ADomain, AHost, AUser, APassword:
>>String; AChallenge: TArrayOf8Bytes): String;
>>This function will generate the last NTLM message containing the
>>authentication information.
>>The call, as you can see set the domain to empty string in all cases but
>>if the user supplies the usernames in the manner I've mentioned before
>>this is not correct.
>>
>>A fast dirty fix which I made is:
>>       DomPos := Pos('\', FUsername);
>>       if DomPos<>0 then
>>         begin
>>           Dom   := Copy(FUsername, 1, DomPos-1);
>>           UName := Copy(FUsername, DomPos + 1, Length(FUsername)-DomPos);
>>         end
>>       else
>>         begin
>>           Dom   := '';
>>           UName := FUsername;
>>         end;
>>
>>Result := NtlmGetMessage3(Dom, Hostname, UName, FPassword,
>>FNTLMMsg2Info.Challenge);
>>
>>I did this in the HTTP authentication part not in the proxy.
>>Can somebody confirm that in case of NTLM proxies, should work the same 
>>way?
>>
>>Best regards,
>>Tibor Csonka
>>-- 
>>To unsubscribe or change your settings for TWSocket mailing list
>>please goto http://www.elists.org/mailman/listinfo/twsocket
>>Visit our website at http://www.overbyte.be
>>
>>
>>    
>>
>
>  
>
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to