how can I deal with an NTLM authentication challenge

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

how can I deal with an NTLM authentication challenge

malcolm.d.robbins
I'm trying to use Dispatch to access a site that needs NTLM authentication and I can't find out any decent examples of building a request/realm that deals with the NTLM Negotiate/Authorization Challenge.  I've Wiresharked my request and response and hacked around with the help of the Javadoc for RealmBuilder but cannot get the request to behave the way a web browser deals with it (as shown by WireShark).
 
If anyone has a pointer to a working example I'd very much appreciate it.

The "simple examples" in the Javadoc don't show how to deal with the nuances of the NTLMSSP_NEGOTIATE and NTLMSSP_AUTH challenge.

REGARDS
Reply | Threaded
Open this post in threaded view
|

Re: how can I deal with an NTLM authentication challenge

malcolm.d.robbins
I've looked at the netty source code and the ntlmChallenge code looks like it doesn't handle NTLM Type 2. (I think the current version of Dispatch uses version 0.5.10 of the asynch HTTP library).

Can someone confirm if/when NTLM Type 2 is supported?
Reply | Threaded
Open this post in threaded view
|

Re: how can I deal with an NTLM authentication challenge

malcolm.d.robbins
It's sad but true that the underlying HTTP library does not yet support NTLM V2.
I'm going to have to revert to using the Apache Java HTTP Components library instead. It also has an async HTML client so I'll be rolling my own Dispatch like library unfortunately ...