Diana Nichols wrote: > That's the issue....they refuse to disable Windows authentication...the > connection worked perfectly when they did....the quote from my client: > > "Windows NT Challenge/Response--in simplistic terms is the user id/password > that must be authenticated. We cannot turn this off, as that is what > controls your authentication (entering your user id/password) to get to the > machine......This authentication must be in place, and your application must > be able to find a way to make it work" > > > Here's the CFHTTP statement I'm using: > <CFHTTP URL="https://theirserver.com/theirscript.asp"; METHOD="post" > THROWONERROR="Yes" TIMEOUT="30" COLUMNS="#get.columnlist#" PORT="443" > USERNAME="username" PASSWORD="password"> > > Ideas??
1. Go to the MS website and dig up the algorithm for NT Challenge/Response and write an implementation for yourself. 2. Convince them they are incorrect in their assumption that they need NT Challenge/Response. Since this is over SSL the username/password is encrypted anyway so Basic Authentication will do just fine (see RFC 2617). Both look equally unattractive to me :( Jochem ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
