Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

NTLM2 authentication fails for large payload

by Anonymous Monk
on Aug 22, 2013 at 18:32 UTC ( #1050553=perlquestion: print w/ replies, xml ) Need Help??
Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I have web service that is posting xml data to Windows server using NTLM2 authentication. Works fine but if payload is large (>1.4MB) authorization fails with message 'Credentials for 'login' failed before' and I get 'Client-Response-Num: 1' in every step of authentication - should be 1->2->3

I use Authen::NTLM version 1.09

I was able to submit same large payload using windows *.exe test client and using python client so issue is not network or server size limit.

Here is client code:

#!/usr/bin/perl -w $| = 1; use Authen::NTLM 1.09; use LWP::UserAgent; use HTTP::Request::Common; use Data::Dumper; my $url = 'http://ip:port/xyz'; ntlmv2(1); my $ua = LWP::UserAgent->new(keep_alive=>1); $ua->credentials('ip:port', '', "\\login", 'password'); $ua->add_handler("request_send", sub { print "\n[START request_send h +andler]\n"; shift->dump; print "[END request_send handler]\n\n"; retu +rn }); $ua->add_handler("response_data", sub { print "\n[START response_data + handler]\n"; shift->dump; print "[END response_data handler]\n\n"; r +eturn ; }); my $response=$ua->request( POST $url, Content_Type => 'text/plain', Content => $xmlContent, ); if ($response->is_success) {print "It worked!->" . $response->code . "\ncontent:".$response-> +content.'\n'.$response->status_line."\n".$response->headers()->as_str +ing()."\n";} else {print "It didn't work!->" . $response->code ." ".$response->statu +s_line. "\n".$response->headers()->as_string(). "\n";}

Debug Output for large payload:

[START request_send handler] POST http://url User-Agent: libwww-perl/5.834 Content-Length: 15230551 Content-Type: text/plain <?xml version="1.0" encoding="utf-8" ?> <Contact... (+ 15230039 more bytes not shown) [END request_send handler] [START response_data handler] HTTP/1.1 401 Unauthorized Date: Wed, 21 Aug 2013 23:57:52 GMT Server: Microsoft-IIS/7.5 WWW-Authenticate: NTLM WWW-Authenticate: Negotiate Content-Length: 1293 Content-Type: text/html Client-Peer: IPport Client-Response-Num: 1 X-Powered-By: ASP.NET [END response_data handler] [START request_send handler] POST http://url Authorization: NTLM Txxx= User-Agent: libwww-perl/5.834 Content-Length: 15230551 Content-Type: text/plain <?xml version="1.0" encoding="utf-8" ?> <Contact... (+ 15230039 more bytes not shown) [END request_send handler] [START response_data handler] HTTP/1.1 401 Unauthorized Date: Wed, 21 Aug 2013 23:57:52 GMT Server: Microsoft-HTTPAPI/2.0 WWW-Authenticate: NTLM Tlxxx== Content-Length: 341 Content-Type: text/html; charset=us-ascii Client-Peer: IPport Client-Response-Num: 1 Title: Not Authorized [END response_data handler] [START request_send handler] POST http://url Authorization: NTLM Tlxxx User-Agent: libwww-perl/5.834 Content-Length: 15230551 Content-Type: text/plain <?xml version="1.0" encoding="utf-8" ?> <Contact... (+ 15230039 more bytes not shown) [END request_send handler] [START response_data handler] HTTP/1.1 401 Unauthorized Date: Wed, 21 Aug 2013 23:57:52 GMT Server: Microsoft-IIS/7.5 WWW-Authenticate: NTLM WWW-Authenticate: Negotiate Content-Length: 1293 Content-Type: text/html Client-Peer: IPport Client-Response-Num: 1 X-Powered-By: ASP.NET [END response_data handler] [START request_send handler] POST http://url Authorization: NTLM Txxx= User-Agent: libwww-perl/5.834 Content-Length: 15230551 Content-Type: text/plain <?xml version="1.0" encoding="utf-8" ?> <Contact... (+ 15230039 more bytes not shown) [END request_send handler] [START response_data handler] HTTP/1.1 401 Unauthorized Date: Wed, 21 Aug 2013 23:57:52 GMT Server: Microsoft-HTTPAPI/2.0 WWW-Authenticate: NTLM Tlxxx== Content-Length: 341 Content-Type: text/html; charset=us-ascii Client-Peer: IPport Client-Response-Num: 1 Title: Not Authorized [END response_data handler] ---------------------------------- ....Removed one step ---------------------------------- [START request_send handler] POST http://url Authorization: NTLM Tlxxx User-Agent: libwww-perl/5.834 Content-Length: 15230551 Content-Type: text/plain <?xml version="1.0" encoding="utf-8" ?> <Contact... (+ 15230039 more bytes not shown) [END request_send handler] [START response_data handler] HTTP/1.1 401 Unauthorized Date: Wed, 21 Aug 2013 23:57:52 GMT Server: Microsoft-IIS/7.5 WWW-Authenticate: NTLM WWW-Authenticate: Negotiate Content-Length: 1293 Content-Type: text/html Client-Peer: IPport Client-Response-Num: 1 X-Powered-By: ASP.NET [END response_data handler] It didn't work!->401 401 Unauthorized Date: Wed, 21 Aug 2013 23:57:52 GMT Server: Microsoft-IIS/7.5 WWW-Authenticate: NTLM WWW-Authenticate: Negotiate Content-Length: 1293 Content-Type: text/html Client-Date: Tue, 20 Aug 2013 11:58:25 GMT Client-Peer: IPport Client-Response-Num: 1 Client-Warning: Credentials for 'login' failed before Title: 401 - Unauthorized: Access is denied due to invalid credentials +. X-Powered-By: ASP.NET
Thanks!

Comment on NTLM2 authentication fails for large payload
Select or Download Code
Re: NTLM2 authentication fails for large payload
by lithron (Chaplain) on Aug 23, 2013 at 00:22 UTC

    If I were in your shoes, I would look harder at the web service for the source of the error. The web service is the one timing out, not the perl script.

    On another note, is it possible the Windows token timed out before the last large upload?

      Thanks for your reply.

      Service provider says that since python client and windows client running from same location and using same payload are successful, then problem is perl script, not their server.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1050553]
Approved by Corion
Front-paged by sparkyichi
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (7)
As of 2014-10-23 22:26 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (129 votes), past polls