Francis C. wrote:
Keep in mind that NTLM requires at least two round trips to the server in
each connection. Your first GET/POST/whatever request needs to have an NTLM
“type 1” message in the Authorize header. The server will then respond with
a 401, but the response will contain an NTLM “type 2” message that you use
to create an NTLM “type 3” response. You then send your GET/POST again, with
the type 3 response in the Authorize header. At that point, if all goes
well, you get a 2xx from the server.
Your best bet is to use rubyntlm as a previous commenter suggested
I admit that I’m a bit stubborn sometimes. If my wife subscribed to this
list, I’m sure she would provide ample evidence.
Since the httpclient2 2.1.2 release (2007-09-22) specifically says it
supports “NTLM auth for WWW-Authenticate”, I’m reluctant to give up on
it. When I look at the httpclient.rb source, the request method may loop
up to 5 times depending and the NegotiateAuth class has all the logic in
it to handle the NTLM. Tracing through, the @www_auth.set_auth method
never seems to be called at least using the client.get call. I tried to
force the set_auth call like this:
def create_request(method, uri, query, body, extheader, proxy)
if extheader.is_a?(Hash)
extheader = extheader.to_a
end
if cookies = @cookie_manager.find(uri)
extheader << [‘Cookie’, cookies]
end
boundary = nil
content_type = extheader.find { |key, value|
key.downcase == ‘content-type’
}
if content_type && content_type[1] =~ /boundary=(.+)\z/
boundary = $1
end
req = HTTP::Message.new_request(method, uri, query, body, proxy,
boundary)
And another change in line 1703 to allow access to @www_auth,
Sorry for not providing a real diff file. I don’t have it on my windows
machine and I don’t feel like fetching it at this late hour.
Point is that @www_auth.set_auth is now called within each of the
do_get_block calls on line 1956 of the request method but I am still
getting a 401.1 not authorized error.
I’m about done on following up on this though. In working through the
certificate problems for my httpclient script yesterday, I tried the
same changes in my Perl LWP script tonight and it is now working with
SSL, client certificates and NTLM authentication. Since I need a working
script, I’m moving forward now with my Perl script and dropping any more
efforts on the Ruby version. I realize I may get a few boo/hisses by
saying that on a Ruby list but I’ve already lost too many hours sleep
already!
If Hiroshi or anyone else gets NTLM working, please provide an example
script to show how it’s done. I’d love to use this library because I
like what I see in httpclient.
Regards,
Jim