Hi Matteo, > These are the results of the tests (I have no access to the > ISA-server-Proxy). > > 1. curl.exe --proxy-ntlm --proxy 192.168.0.110:3128 --proxy-user > user:pass www.google.com It works fine if --proxy-ntlm > <http://curl.haxx.se/docs/manpage.html#--proxy-ntlm> is > specified. > > 2. curl.exe --proxy-anyauth --proxy 192.168.0.110:3128 --proxy-user > user:pass www.google.com It fails. > > 3. curl.exe --proxy-anyauth --proxy-negotiate --proxy > 192.168.0.110:3128 --proxy-user user:pass www.google.com It > fails.
I'm not too familiar with proxy servers from a curl prospective so someone else might be able to answer your query better than me, but I do know how the SMTP authentication works in curl so I have just delved into the http_proxy stuff out of curiosity and some of the following may be useful to you... > HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires > authorization to fulfill the request. Access to the Web P roxy filter is > denied. ) > Via: 1.1 NAS > Proxy-Authenticate: Negotiate > Proxy-Authenticate: Kerberos > Proxy-Authenticate: NTLM I believe this is where the problem lies... The server has told curl that it supports GSS Negotiate, Kerberos and NTLM in that order so curl with CURLAUTH_ANY set has tried to authenticate with GSS first as that was first in the list. This is then failing because, and I'm guessing here, your customer has a problem authenticating with GSS - as indicated by test #3 also failing. I would try and get the customer to fix up GSS - If they don't want to support GSS can they turn it off so that the server only advertises NTLM for example? If they can't turn it off in ISA Server or don't want to, does your application have a configuration file (or registry setting if it is Windows based) where you could specify the preferred authentication mechanism as NTLM? I hope this helps a little Kind Regards Steve ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
