468,288 Members | 1,985 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,288 developers. It's quick & easy.

httplib/DAV: How to respond to "WWW-Authenticate: NTLM" ?

In a DAV scheme with PROPFIND or GET (PROPFIND /test/ HTTP/1.1) and
Basic AUTH to a MS SharePoint over https server (AUTH required), he
responds 'WWW-Authenticate: NTLM' only:

reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Content-Length: 1656
header: Content-Type: text/html
header: Server: Microsoft-IIS/6.0
header: WWW-Authenticate: NTLM
header: X-Powered-By: ASP.NET
header: MicrosoftSharePointTeamServices: 6.0.2.6568
header: Date: Thu, 12 Oct 2006 12:27:42 GMT
I simply try repeatedly the same request with Basic Auth header again =>
The same response requesting 'header: WWW-Authenticate: NTLM' again.

But then after an unsuccessful test on a really new connection (.close()
, .request()) he accepts the Basic AUTH immediately.

* What is this?
* Is this a legal/known way to respond to a NTLM AUTH request by
..close() and reconnect with Basic Auth?
* Is there a Python function out there to do real NTLM authentication?..
and is this recommended to dig into Microsofty HTTP protocols ?
-robert
Oct 12 '06 #1
1 6556
robert wrote:
In a DAV scheme with PROPFIND or GET (PROPFIND /test/ HTTP/1.1) and
Basic AUTH to a MS SharePoint over https server (AUTH required), he
responds 'WWW-Authenticate: NTLM' only:

reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Content-Length: 1656
header: Content-Type: text/html
header: Server: Microsoft-IIS/6.0
header: WWW-Authenticate: NTLM
header: X-Powered-By: ASP.NET
header: MicrosoftSharePointTeamServices: 6.0.2.6568
header: Date: Thu, 12 Oct 2006 12:27:42 GMT
I simply try repeatedly the same request with Basic Auth header again =>
The same response requesting 'header: WWW-Authenticate: NTLM' again.

But then after an unsuccessful test on a really new connection (.close()
, .request()) he accepts the Basic AUTH immediately.

* What is this?
* Is this a legal/known way to respond to a NTLM AUTH request by
..close() and reconnect with Basic Auth?
* Is there a Python function out there to do real NTLM authentication?..
and is this recommended to dig into Microsofty HTTP protocols ?
-robert
The protocol is described in

http://www.innovation.ch/personal/ronald/ntlm.html

though you may need to consult other documents to get the full details.
It seems there may be a Python implementation at

http://ntlmaps.sourceforge.net/

At a pinch you could just use the proxy.

regards
Steve
--
Steve Holden +44 150 684 7255 +1 800 494 3119
Holden Web LLC/Ltd http://www.holdenweb.com
Skype: holdenweb http://holdenweb.blogspot.com
Recent Ramblings http://del.icio.us/steve.holden

Oct 12 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Robert | last post: by
14 posts views Thread by Russell Hoover | last post: by
13 posts views Thread by Steve | last post: by
2 posts views Thread by dclist | last post: by
4 posts views Thread by star111792 | last post: by
5 posts views Thread by David Lee Lambert | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.