Out of those three, the useragent should select the first challenge that it understands. If your application understands NTLM, then you can ignore the response header for Negotiate and Digest. That means that the nonce value sent as part of the Digest auth challenge can be simply ignored.
The NTLM Type1 message is not a function of any server specified parameters.
You might want to leverage the code in mozilla/security/manager/ssl/src/nsNTLMAuthModule.cpp
-Darin
John wrote:
Hi.
Please pardon me if this is not the right newsgroup to ask.
I'm trying to use Mozilla's NTLM authentication implementation as a basis for my cross-platform client application. I've read the relevant codes but I'm still having some difficulties in using the NTLM-related functions. So appreciate if someone might enlighten with some pointers.
Essentially, I sent a POST request to a IIS server, using my http client application (written in C++). The IIS server replies with
HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.1
Date: Tue, 10 May 2004 11:19:27 GMT
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
Content-Length: 4395
WWW-Authenticate: Digest qop="auth", realm="mydomain.com", nonce="a7bf74f2daed421e327711200000b3a0ead040a5fc955e86ed87b02cc516"
Content-Type: text/html
... and follow by a bunch of html stuff...
I believe I need to send a reply to the server with a Type1Msg? I found the function to generate the type 1 message. But my problem is, I cannot see how my nonce could be fed into the function to generate my response to reply to the server. Does anyone know how I could do it? Any help is deeply appreciated. Thanks!!
_______________________________________________
Mozilla-netlib mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-netlib
_______________________________________________ Mozilla-netlib mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-netlib
