Hi there! > Steven Garno <[email protected]> hat am 3. September 2015 um 00:42 > geschrieben: > > > Support, > > We seem to be experiencing some difficulties in getting libcurl to work with > NTLM and Kerberos authentication on a windows platform. Any help would be > greatly appreciated. > http://curl.haxx.se/libcurl/c/debug.html
Apply the debug code to your source and see what chatty libcurl has to say during the exchange. This helped me a number of times already. Without it and with only the information you provided, everything below is educated guesswork. > Here is the problem: > > We have a site configured to use NTLM Negotiate authentication mechanism (also > tried Kerberos instead of NTLM). When I call the URL in the browser while > monitoring the traffic in Fiddler, the negotiate authentication works as > expected: first two requests return 401 and the third one returns 200. > How was your libcurl built? Did you enable SSPI? Or OpenSSL? If you did neither libcurl would not have the ability to do NTLM or Kerberos, i think. for example the name of my last build directory was something like this: libcurl-vc9-x86-release-static-zlib-static-ssh2-static-ipv6-sspi-winssl-obj-lib > [cid:[email protected]] > > > However, when I try to make the same call using cURL, the negotiation never > happens, only one request is made and 401 status is returned: > > [cid:[email protected]] > > I tried a setting this optionin cURL before making the call: > curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE) > > Also, tried setting it this way: > curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE | > CURLAUTH_NTLM) > > And this way: > curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY) > > The result is always the same - one request returning 401. The second (and > sometimes third) negotiations never seem to happen. What are we doing/not > doing correctly? > Assuming the webserver only accepts NEGO/NTLMv2 your libcurl might just not be able to do what you are asking, if you missed the right options at build time. Greetings, Michael ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
