|
j.goor has asked for the wisdom of the Perl Monks concerning the following question:
Dear Monks,
Although this subject has heen 'covered' many times, All answers thusfar regarding NTLM authentication did not gotten me closer to a solution, so I'll ask this one more time:
How can I do NTLM authentication on an Microsoft IIS or Proxy?
I don't want links, suggestions, or obscure module names, just some lines that work for *you*, so it'll work for *me* then, too.
My case: Let just say I want to get the content of www.perl.com over a MS proxy.
Therefore I just want some lines, no DBI or DBI::Oracle crap in it, just the minimal code.
I emphasize this since I've seen 'examples' in this very Monastry that looked more like a coredump to me than a working snipped! ;-))
I have seen many NTLM questions, but none of them end with 'eureka, thanks guys!'
I even dare to state the NTLM with LWP does not work, has never worked and will never work!
(Now if *that* isn't a provocation, then I'm lost! :-) )
It's up to you monks to prove the opposite. I am aware I am very cynical, but hell, I have a production problem here and the only proper way for me is the use of NTLM authentication due to security policies.
I simply have no time to set up a lab situation, and spend hours if not days to get the damn thing to work.
I just need cut'n paste-code.
I hope you get my point.
Please help!
Regards,
John
|
Re: More NTLM
by inman (Curate) on Nov 16, 2004 at 16:38 UTC
|
Here is a link. Since you asked your question so rudely you can just go and work it out for yourself.
Now you have an NTLM thread that contains 'eureka, thanks guys!' near the end.
| [reply] |
Re: More NTLM
by Anonymous Monk on Nov 16, 2004 at 17:00 UTC
|
Wow. It's not like anyone here is giving away advice and help on here or anything. Sometimes there are questions that nobody around knows about, but some people still want to help and try to lead you in the right direction. You can think and figure out things for yourself, can't you?
Also, from your post, you're pessimistic, not cynical.
| [reply] |
Re: More NTLM
by j.goor (Acolyte) on Nov 17, 2004 at 07:02 UTC
|
Ok, Here are my examples:
Number one does not work (using LWP):
#!perl;
use strict;
use warnings;
use LWP::UserAgent;
use HTTP::Request::Common;
my $url = "<some url to an asp page on a protected site here>";
# Set up the ntlm client and then the base64 encoded ntlm handshake me
+ssage
my $ua = new LWP::UserAgent(keep_alive=>1);
$ua->credentials('<host:port here>', '', "<domain\\uid here>", '<pdw h
+ere>');
my $request = GET $url;
print "--Performing request now...-----------\n";
my $response = $ua->request($request);
print "--Done with request-------------------\n";
if ($response->is_success) {
print "It worked!->" . $response->code . "\n"
} else {
print "It didn't work!->" . $response->code . "\n"
}
</code>
Here's number two:
#!perl;
use strict;
use warnings;
use LWP::UserAgent;
use HTTP::Request::Common;
use Authen::NTLM qw(nt_hash lm_hash);
my $my_pass = "<pwd here>";
my $client = new_client Authen::NTLM(lm_hash($my_pass), nt_hash($my_pa
+ss));
# How does the ntlm functions tie in with Lwp methods?
my $ua = LWP::UserAgent->new(keep_alive=>1);
$ua->proxy('http','<proxy name here>');
my $resp = $ua->request(GET "http://www.perl.com");
my $htmcode = $resp->{_content};
print "here comes the output...\n$htmcode\n";
(I guess the uid will be automatically retrieved using a domain server) -> this ons doesn't work either btw...
I have a number three but that one's under construction. I got the example from this very site, but I guess it doesn't come from a monk but from some lone passenger... (the code uses DBI and DBI::Oracle and there's a lot of crap in it *and it doen't use strict or warnings* which one should use always, even in an example!!!
Ergo: Who can prove to this soon-to-be-disappointed-novice-monk that the guys who actually took the time to write modules for NTLM authentication did it to solve the NTLM problem in stead of just killing their time writing stuf that won't work anyway...?
To me, the first who can actually show me this, truely has seen the light, if not: he *IS* the light!
For the record: These are all "solution's" that people came up with for the same question as mine.
Thans in advance!
John
| [reply]
[d/l]
[select] |
|
|
In the course of trying to get LWP working with NTLM today, I spent some time "Super Searching" Perl Monks. Unfortunately, I did not find a foolproof solution. Nevertheless, I finally got everything working for me. Because this is the newest node I found dealing with NTLM, I thought I'd post my insights here in the hopes that some future searcher has more luck than I did.
The stumbling blocks for me weren't the code, which in the end worked right off the example in the synopsis. Instead, I got tripped up on...
- ... realizing I had to install the Authen::NTLM module. I checked my installation and saw I already had LWP::Authen::Ntlm, so I figured I was set to go. I don't know how it got there without Authen::NTLM, but LWP merrily ran my code without mentioning it didn't have the right modules to do the authentication.
- ... installing the correct module, namely Authen::NTLM by Mark Bush. A man named Yee Man Chan also has packages in the same namespace, for some reason. I am sure his solution is great, too, but it doesn't work with LWP ;-).
- ... patching the NTLM module. Judging by the last release date (2001-10-29), the module has been orphaned. When it didn't work for me, I figured Bill Gates might have changed the protocol, and I was up to my ears in unpacks trying to find the problem before I found this bug report (posted 2005-01-07, by the way, after the initial post in this thread). It proposes a change to one line of code, which I applied manually.
After that, the example code from the synposis ran flawlessly:
use LWP::UserAgent;
use HTTP::Request::Common;
my $url = 'http://www.company.com/protected_page.html'; # Set up the n
+tlm client and then the base64 encoded ntlm handshake message
my $ua = new LWP::UserAgent(keep_alive=>1);
$ua->credentials('www.company.com:80', '', "MyDomain\\MyUserCode", 'My
+Password');
$request = GET $url;
print "--Performing request now...-----------\n";
$response = $ua->request($request);
print "--Done with request-------------------\n";
if ($response->is_success) {
print "It worked!->" . $response->code . "\n"
}
else {
print "It didn't work!->" . $response->code . "\n"
}
Anyway, I hope this can help someone else along the way. | [reply]
[d/l]
[select] |
|
|
Thank you very much! This was incredibly helpful and solved a problem that was making me pull out my hair!
| [reply] |
|
|
Hi,
I am in dire need of help with respect to LWP::UserAgend Module.
While searching thru monks, i stumbled across your node and thought you will be able to help me.
I come to the question directly. I have a LWP code using which i am trying to access web page within my office LAN. But i am getting "500 Internal Server Error". The version of Perl with me is 5.6.1.
I give below my code (masking my credentials) :) and the output i got. Please look into it and gimme your comments
#!C:/perl/bin/perl.exe
use LWP::UserAgent;
use LWP::Debug qw(+);
use HTTP::Request::Common;
my $url= 'http://punsez138451d/L3NOCALM/default.aspx';
my $ua = new LWP::UserAgent(keep_alive => 1);
$ua->credentials('punsez138451d:80','',"MYDOMAIN\\username",'password'
+);
$request = GET $url;
print "--Performing request now...------------------\n";
$response = $ua->request($request);
print "--Done with request---------------------------\n";
if( $response->is_success) {
print $response->content;
} else {perl
print 'Error: ', $response->status_line, "\n";
print "===== Request Headers =====\n";
print $response->headers->as_string;
print "\n===== Response Headers ====\n";
print $response->headers->as_string;
print "\n===== Response Content ====\n";
print $response->content;
exit 1;
}
$contents = $response -> content();
#print $response->status_line(), "\n";
#print $response->headers()->as_string();
My output:
C:\Documents and Settings\venkatesan_G02\Desktop>perl lwp_test.pl
LWP::UserAgent::new: ()
--Performing request now...------------------
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: GET http://punsez138451d/L3NOCALM/defaul
+t.aspx
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::collect: read 762 bytes
LWP::Protocol::collect: read 894 bytes
LWP::Protocol::http::request: Keep the http connection to punsez138451
+d:80
LWP::UserAgent::request: Simple response: Unauthorized
LWP::Authen::Ntlm::authenticate: authenticate() has been called
LWP::Authen::Ntlm::authenticate: In first phase of NTLM authentication
LWP::Authen::Ntlm::authenticate: Returning response object with auth h
+eader:
Authorization NTLM TlRMTVNTUAABAAAAB7IAAA4ADgAgAAAACQAJAC4AAAB2ZW5rYXR
+lc2FuX0cwM
klORkxFVkVMMw==
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: GET http://punsez138451d/L3NOCALM/defaul
+t.aspx
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::collect: read 100 bytes
LWP::UserAgent::request: Simple response: Internal Server Error
--Done with request---------------------------
Error: 500 Internal Server Error
===== Request Headers =====
Connection: close
Date: Mon, 13 Apr 2009 18:15:25 GMT
Server: Microsoft-IIS/6.0
Content-Length: 100
Content-Type: text/html
Client-Date: Mon, 13 Apr 2009 18:15:19 GMT
Client-Peer: 4.33.37.49:80
Client-Response-Num: 2
MicrosoftSharePointTeamServices: 12.0.0.4518
Title: Error
X-Powered-By: ASP.NET
===== Response Headers ====
Connection: close
Date: Mon, 13 Apr 2009 18:15:25 GMT
Server: Microsoft-IIS/6.0
Content-Length: 100
Content-Type: text/html
Client-Date: Mon, 13 Apr 2009 18:15:19 GMT
Client-Peer: 4.33.37.49:80
Client-Response-Num: 2
MicrosoftSharePointTeamServices: 12.0.0.4518
Title: Error
X-Powered-By: ASP.NET
===== Response Content ====
<html><head><title>Error</title></head><body>The function requested is
+ not suppo
rted
</body></html>
Any help will be greatly appreciated!!!
| [reply]
[d/l]
[select] |
|
|
|
|
|
|
