Daniel, > On Mon, 1 Sep 2014, Ulrich Telle wrote: > > Just to clarify a detail on the log you posted, in case it wasn't absolutely > clear: > > > Header out: GET http://xyz.com/ HTTP/1.1 > > Proxy-Authorization: NTLM > > TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAABQ > > AFAHAAAAAGAAYAdQAAAAAAAAAAAAAABoKJACjrUgzovGvZAAAAAAA > > AAAAAAAAAAAAAAH8aPq9LDPKDglDlt4O+6kw69fgaLSTJNkxYSlFVU0cx > > NVlS > > This is the request that should be the last and fine request, ending > the NTLM "handshake" and yet... > > > Header in: HTTP/1.1 407 authenticationrequired > > The proxy rejects it, which makes libcurl say: > > > Text: NTLM handshake rejected > > Text: Authentication problem. Ignoring this. > > It is really not easy to say why it does this.
That's why I started to ask on this list, because I'm at a loss why the authentication process fails for the affected users. > Is the user or password using any "fun" unicode letters ? In the log I posted I modified urls, ip numbers and user names to mask the identity of the user and his company. In the original log there is a real user id and a real password consisting of only ASCII characters. > Is this using NTLMv2 ? I don't know. How can I find this out? Have I to ask the proxy server operator? BTW, the problem first showed up with a failure of the authentication process using "basic authentication", but for some users only. Then I changed my application to set option CURLOPT_PROXYAUTH to CURLAUTH_ANY, to allow the other authentication option the proxy claims to support, namely NTLM). However, NTLM authentication now seems to fail consistently for *all* users. Regards, Ulrich -- E-Mail privat: [email protected] World Wide Web: http://www.telle-online.de ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
