Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re^3: How to select NTLM authentication with LWP

by tiedwu (Initiate)
on Oct 11, 2011 at 03:58 UTC ( #930737=note: print w/ replies, xml ) Need Help??


in reply to Re^2: How to select NTLM authentication with LWP
in thread How to select NTLM authentication with LWP

I've updated the latest version NTLM-1.09 which provides ntlmv2(), it still doesn't work and it will not have a redirect to 10.1.1.2. I am confusing which one is workable, NTLM-1.09 made by Nick Bebout or NTLM-1.02 made by Mark J Bush? The output:

elvis@elvis-laptop:~/tmp/person$ ./d2.pl --Peforming request now...--------- --Done with request ...--------- Error: 401 Unauthorized Date: Tue, 11 Oct 2011 03:43:53 GMT Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1327 Content-Type: text/html Client-Date: Tue, 11 Oct 2011 03:47:44 GMT Client-Peer: 10.1.1.1:80 Client-Response-Num: 1 Client-Warning: Unsupported authentication scheme 'negotiate' Title: ��δ����Ȩ&#6 +5533;鿴��ҳ X-Powered-By: ASP.NET


Comment on Re^3: How to select NTLM authentication with LWP
Download Code
Re^4: How to select NTLM authentication with LWP
by tiedwu (Initiate) on Oct 11, 2011 at 04:38 UTC
    For clarifying if it is related to the patch of /usr/local/share/perl/5.10.1/LWP/Authen/Ntlm.pm, I covered it back and update the new output:
    --Peforming request now...--------- --Done with request ...--------- Error: 401 Unauthorized Date: Tue, 11 Oct 2011 04:32:33 GMT Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1251 Content-Type: text/html Client-Date: Tue, 11 Oct 2011 04:36:23 GMT Client-Peer: 10.1.1.1:80 Client-Response-Num: 7 Client-Warning: Credentials for 'domain\user' failed before Title: ��δ����Ȩ&#6 +5533;鿴��ҳ X-Powered-By: ASP.NET
    The perl script is following:
    #!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common; use LWP::Debug qw(+); use Authen::NTLM; use strict; use warnings; ntlmv2(1); my $url = "http://10.1.1.1"; my $ua = new LWP::UserAgent(keep_alive => 1); $ua->credentials('10.1.1.1:80', '', 'domain\user', 'password'); my $req = HTTP::Request->new(GET => $url); print "--Peforming request now...---------\n"; my $res = $ua->request($req); print "--Done with request ...---------\n"; # check the outcome if ($res->is_success) { print $res->content; } else { print "Error: " . $res->status_line . "\n"; print $res->headers()->as_string(), "\n"; } exit 0;
      LWP::Authen::Ntlm has all the info you need. Note also that you do not have to specifically mention Authen::NTLM as that is automatically covered by LWP. As for credentials, I usually use localhost\\myusername followed by my personal password. myDomain\\user won't work:).
        You said I should add ntlmv2(1), but the one problem is there is no function called ntlmv2 in Mark Bush's Authen::NTLM, so I am just confusing.

        By adding some codes to output debug message, the http headers receiving and sending like -

        Receiving Header

        DEBUG CHALLENGE=NTLM

        Sending Header

        DEBUG AUTH_VALUE=NTLM TlRMTVNTUAABAAAAB7IAAAgACAAgAAAACAAIACgAAAA5NTA4MzEwMXF1YW50YWNu

        Receiving Header

        DEBUG CHALLENGE=NTLM TlRMTVNTUAACAAAAEAAQADgAAAAFgoECPKv/RSekCEkAAAAAAAAAAI4AjgBIAAAABQLODgAAAA9SAFMAUQBVAEEATgBUAEEAAgAQAFIAUwBRAFUAQQBOAFQAQQABAA4AUQBTAE0AQwBIAFIANQAEABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAwAoAHEAcwBtAGMAaAByADUALgBSAFMAUQB1AGEAbgB0AGEALgBjAG8AbQAFABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAAAAAA==

        Sending Header

        DEBUG AUTH_VALUE=NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABAAEABwAAAAEAAQAIAAAAAQABAAkAAAAAAAAABgAAAABYKBAuQZ9M9LeG8EjqdivTY2s5nJtXiH67DptXptZiLTjwA5EcoOL/rTVRhRokq/SFJ4o3EAdQBhAG4AdABhAGMAbgA5ADUAMAA4ADMAMQAwADEAOQA1ADAAOAAzADEAMAAxAA==

        Then falls into 401: Unauthorized.

        I am wondering the last header received from server was wrong or the last header which send to server was wrong.
        You said I should add ntlmv2(1), but the one problem is there is no function called ntlmv2 in Mark Bush's Authen::NTLM, so I am just confusing.

        By adding some codes to output debug message, the http headers receiving and sending like -

        Receiving Header

        DEBUG: CHALLENGE=NTLM

        Sending Header

        DEBUG: AUTH_VALUE=NTLM TlRMTVNTUAABAAAAB7IAAAgACAAgAAAACAAIACgAAAA5NTA4MzEwMXF1YW50YWNu

        Receiving Header

        DEBUG: CHALLENGE=NTLM TlRMTVNTUAACAAAAEAAQADgAAAAFgoECPKv/RSekCEkAAAAAAAAAAI4AjgBIAAAABQLODgAAAA9SAFMAUQBVAEEATgBUAEEAAgAQAFIAUwBRAFUAQQBOAFQAQQABAA4AUQBTAE0AQwBIAFIANQAEABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAwAoAHEAcwBtAGMAaAByADUALgBSAFMAUQB1AGEAbgB0AGEALgBjAG8AbQAFABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAAAAAA==

        Sending Header

        DEBUG: AUTH_VALUE=NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABAAEABwAAAAEAAQAIAAAAAQABAAkAAAAAAAAABgAAAABYKBAuQZ9M9LeG8EjqdivTY2s5nJtXiH67DptXptZiLTjwA5EcoOL/rTVRhRokq/SFJ4o3EAdQBhAG4AdABhAGMAbgA5ADUAMAA4ADMAMQAwADEAOQA1ADAAOAAzADEAMAAxAA==

        Then falls into 401: Unauthorized.

        I am wondering the last header received from server was wrong or the last header which send to server was wrong.
      hi, just recently, i've got a need to access an NTLM-protected web page programatically using LWP and i'm getting the same error as yours:
      HTTP/1.1 401 Unauthorized Date: Tue, 07 Feb 2012 02:49:17 GMT Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Digest qop="auth",algorithm=MD5-sess,nonce="9bee3c16 +43e5cc01cdd097f1c38245318e8bcc42694833d14128d3c67ab436a651383633536b5 +56d",charset=utf-8,realm="Digest" Content-Length: 83 Content-Type: text/html Client-Date: Tue, 07 Feb 2012 02:49:19 GMT Client-Peer: 192.168.1.1:80 Client-Response-Num: 7 Client-Warning: Credentials for 'xxpmuser' failed before Title: Error X-Powered-By: ASP.NET
      have you had any luck resolving this? TIA, -ron
        Having this same issue. I've never seen a decent working example of NTLM auth within Perl. Very frustrating.

        Hints on debugging would be appreciated too.

        $gen-auth is almost useless.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://930737]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (10)
As of 2014-09-16 12:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (17 votes), past polls