Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re^3: How to select NTLM authentication with LWP

by tiedwu (Initiate)
on Oct 11, 2011 at 03:58 UTC ( #930737=note: print w/ replies, xml ) Need Help??


in reply to Re^2: How to select NTLM authentication with LWP
in thread How to select NTLM authentication with LWP

I've updated the latest version NTLM-1.09 which provides ntlmv2(), it still doesn't work and it will not have a redirect to 10.1.1.2. I am confusing which one is workable, NTLM-1.09 made by Nick Bebout or NTLM-1.02 made by Mark J Bush? The output:

elvis@elvis-laptop:~/tmp/person$ ./d2.pl --Peforming request now...--------- --Done with request ...--------- Error: 401 Unauthorized Date: Tue, 11 Oct 2011 03:43:53 GMT Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1327 Content-Type: text/html Client-Date: Tue, 11 Oct 2011 03:47:44 GMT Client-Peer: 10.1.1.1:80 Client-Response-Num: 1 Client-Warning: Unsupported authentication scheme 'negotiate' Title: ��δ����Ȩ&#6 +5533;鿴��ҳ X-Powered-By: ASP.NET


Comment on Re^3: How to select NTLM authentication with LWP
Download Code
Re^4: How to select NTLM authentication with LWP
by tiedwu (Initiate) on Oct 11, 2011 at 04:38 UTC
    For clarifying if it is related to the patch of /usr/local/share/perl/5.10.1/LWP/Authen/Ntlm.pm, I covered it back and update the new output:
    --Peforming request now...--------- --Done with request ...--------- Error: 401 Unauthorized Date: Tue, 11 Oct 2011 04:32:33 GMT Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1251 Content-Type: text/html Client-Date: Tue, 11 Oct 2011 04:36:23 GMT Client-Peer: 10.1.1.1:80 Client-Response-Num: 7 Client-Warning: Credentials for 'domain\user' failed before Title: ��δ����Ȩ&#6 +5533;鿴��ҳ X-Powered-By: ASP.NET
    The perl script is following:
    #!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common; use LWP::Debug qw(+); use Authen::NTLM; use strict; use warnings; ntlmv2(1); my $url = "http://10.1.1.1"; my $ua = new LWP::UserAgent(keep_alive => 1); $ua->credentials('10.1.1.1:80', '', 'domain\user', 'password'); my $req = HTTP::Request->new(GET => $url); print "--Peforming request now...---------\n"; my $res = $ua->request($req); print "--Done with request ...---------\n"; # check the outcome if ($res->is_success) { print $res->content; } else { print "Error: " . $res->status_line . "\n"; print $res->headers()->as_string(), "\n"; } exit 0;
      LWP::Authen::Ntlm has all the info you need. Note also that you do not have to specifically mention Authen::NTLM as that is automatically covered by LWP. As for credentials, I usually use localhost\\myusername followed by my personal password. myDomain\\user won't work:).
        You said I should add ntlmv2(1), but the one problem is there is no function called ntlmv2 in Mark Bush's Authen::NTLM, so I am just confusing.

        By adding some codes to output debug message, the http headers receiving and sending like -

        Receiving Header

        DEBUG CHALLENGE=NTLM

        Sending Header

        DEBUG AUTH_VALUE=NTLM TlRMTVNTUAABAAAAB7IAAAgACAAgAAAACAAIACgAAAA5NTA4MzEwMXF1YW50YWNu

        Receiving Header

        DEBUG CHALLENGE=NTLM TlRMTVNTUAACAAAAEAAQADgAAAAFgoECPKv/RSekCEkAAAAAAAAAAI4AjgBIAAAABQLODgAAAA9SAFMAUQBVAEEATgBUAEEAAgAQAFIAUwBRAFUAQQBOAFQAQQABAA4AUQBTAE0AQwBIAFIANQAEABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAwAoAHEAcwBtAGMAaAByADUALgBSAFMAUQB1AGEAbgB0AGEALgBjAG8AbQAFABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAAAAAA==

        Sending Header

        DEBUG AUTH_VALUE=NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABAAEABwAAAAEAAQAIAAAAAQABAAkAAAAAAAAABgAAAABYKBAuQZ9M9LeG8EjqdivTY2s5nJtXiH67DptXptZiLTjwA5EcoOL/rTVRhRokq/SFJ4o3EAdQBhAG4AdABhAGMAbgA5ADUAMAA4ADMAMQAwADEAOQA1ADAAOAAzADEAMAAxAA==

        Then falls into 401: Unauthorized.

        I am wondering the last header received from server was wrong or the last header which send to server was wrong.
        You said I should add ntlmv2(1), but the one problem is there is no function called ntlmv2 in Mark Bush's Authen::NTLM, so I am just confusing.

        By adding some codes to output debug message, the http headers receiving and sending like -

        Receiving Header

        DEBUG: CHALLENGE=NTLM

        Sending Header

        DEBUG: AUTH_VALUE=NTLM TlRMTVNTUAABAAAAB7IAAAgACAAgAAAACAAIACgAAAA5NTA4MzEwMXF1YW50YWNu

        Receiving Header

        DEBUG: CHALLENGE=NTLM TlRMTVNTUAACAAAAEAAQADgAAAAFgoECPKv/RSekCEkAAAAAAAAAAI4AjgBIAAAABQLODgAAAA9SAFMAUQBVAEEATgBUAEEAAgAQAFIAUwBRAFUAQQBOAFQAQQABAA4AUQBTAE0AQwBIAFIANQAEABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAwAoAHEAcwBtAGMAaAByADUALgBSAFMAUQB1AGEAbgB0AGEALgBjAG8AbQAFABgAUgBTAFEAdQBhAG4AdABhAC4AYwBvAG0AAAAAAA==

        Sending Header

        DEBUG: AUTH_VALUE=NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABAAEABwAAAAEAAQAIAAAAAQABAAkAAAAAAAAABgAAAABYKBAuQZ9M9LeG8EjqdivTY2s5nJtXiH67DptXptZiLTjwA5EcoOL/rTVRhRokq/SFJ4o3EAdQBhAG4AdABhAGMAbgA5ADUAMAA4ADMAMQAwADEAOQA1ADAAOAAzADEAMAAxAA==

        Then falls into 401: Unauthorized.

        I am wondering the last header received from server was wrong or the last header which send to server was wrong.
      hi, just recently, i've got a need to access an NTLM-protected web page programatically using LWP and i'm getting the same error as yours:
      HTTP/1.1 401 Unauthorized Date: Tue, 07 Feb 2012 02:49:17 GMT Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Digest qop="auth",algorithm=MD5-sess,nonce="9bee3c16 +43e5cc01cdd097f1c38245318e8bcc42694833d14128d3c67ab436a651383633536b5 +56d",charset=utf-8,realm="Digest" Content-Length: 83 Content-Type: text/html Client-Date: Tue, 07 Feb 2012 02:49:19 GMT Client-Peer: 192.168.1.1:80 Client-Response-Num: 7 Client-Warning: Credentials for 'xxpmuser' failed before Title: Error X-Powered-By: ASP.NET
      have you had any luck resolving this? TIA, -ron
        Having this same issue. I've never seen a decent working example of NTLM auth within Perl. Very frustrating.

        Hints on debugging would be appreciated too.

        $gen-auth is almost useless.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://930737]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (6)
As of 2015-07-02 04:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (27 votes), past polls