Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Stadin, Benjamin wrote: > FF has a function table for > function calls to Windows' own secure32.dll / security.dll to provide > SSPI functionality (also a good lesson in C programming, OverbyteIcsSspi as well ;-) this how the API works! --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I remember that there was the same problem in ICS-SSL with Firefox in the beginning. I think the connection isn't closed when this happens. Check with your network sniffer if that's the case and set a break point to check whether the connection is closed in your code. I don't believe that this is a Firefox problem. Fastream Technologies schrieb: > > Hello, > > Perhaps you can check out POSTing with IQRP 1.2b1 > (http://www.fastream.net/beta/IQReverseProxy.exe) and let us know? All you > need to do is, > > - define the web server IP/port in Servers > - Go to URL Rules and assign the web server to Default (catch-all) URL rule > - Enable NTLM authentication on the same tabsheet > > I used our IQ Web server which works perfectly when on its own to test. You > will need to press the POST button (for example file upload in IQWF) very > frequently. > > Regards, > > SZ > > - Original Message - > From: "Stadin, Benjamin" <[EMAIL PROTECTED]> > To: > Sent: Thursday, September 14, 2006 5:57 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >I don't think so. NTLM works fine for me in FF ever since. FF just fills > > data into an NTLM context struct and if the message is complete it is > > used. > > This has nothing to do with a state machine. > > > > And btw, I've looked at the Pascal code of this pslib, I think it's more a > > hack than a solution. Firefox doesn't use bloody hacks to access the > > protected storage for Single-Sign-On. I've made a list with a short > > description to function calls for the FF source code to show how it works > > (propably ;-) ). FF has a function table for function calls to Windows' > > own > > secure32.dll / security.dll to provide SSPI functionality (also a good > > lesson in C programming, FF code is great but not easy to understand at > > first). > > > > Benjamin Stadin > > > > > > Fastream Technologies schrieb: > >> > >> One last lesson: when NTLM POST is taking place, if you press too > > frequently > >> on Mozilla, the progress meter stalls. When you click on another link it > >> works fine then. This does not happen with IE. I think this is a FF bug > >> in > >> their state machine! > >> > >> Best Regards, > >> > >> SZ > > -- > > To unsubscribe or change your settings for TWSocket mailing list > > please goto http://www.elists.org/mailman/listinfo/twsocket > > Visit our website at http://www.overbyte.be > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello, Perhaps you can check out POSTing with IQRP 1.2b1 (http://www.fastream.net/beta/IQReverseProxy.exe) and let us know? All you need to do is, - define the web server IP/port in Servers - Go to URL Rules and assign the web server to Default (catch-all) URL rule - Enable NTLM authentication on the same tabsheet I used our IQ Web server which works perfectly when on its own to test. You will need to press the POST button (for example file upload in IQWF) very frequently. Regards, SZ - Original Message - From: "Stadin, Benjamin" <[EMAIL PROTECTED]> To: Sent: Thursday, September 14, 2006 5:57 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >I don't think so. NTLM works fine for me in FF ever since. FF just fills > data into an NTLM context struct and if the message is complete it is > used. > This has nothing to do with a state machine. > > And btw, I've looked at the Pascal code of this pslib, I think it's more a > hack than a solution. Firefox doesn't use bloody hacks to access the > protected storage for Single-Sign-On. I've made a list with a short > description to function calls for the FF source code to show how it works > (propably ;-) ). FF has a function table for function calls to Windows' > own > secure32.dll / security.dll to provide SSPI functionality (also a good > lesson in C programming, FF code is great but not easy to understand at > first). > > Benjamin Stadin > > > Fastream Technologies schrieb: >> >> One last lesson: when NTLM POST is taking place, if you press too > frequently >> on Mozilla, the progress meter stalls. When you click on another link it >> works fine then. This does not happen with IE. I think this is a FF bug >> in >> their state machine! >> >> Best Regards, >> >> SZ > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I don't think so. NTLM works fine for me in FF ever since. FF just fills data into an NTLM context struct and if the message is complete it is used. This has nothing to do with a state machine. And btw, I've looked at the Pascal code of this pslib, I think it's more a hack than a solution. Firefox doesn't use bloody hacks to access the protected storage for Single-Sign-On. I've made a list with a short description to function calls for the FF source code to show how it works (propably ;-) ). FF has a function table for function calls to Windows' own secure32.dll / security.dll to provide SSPI functionality (also a good lesson in C programming, FF code is great but not easy to understand at first). Benjamin Stadin Fastream Technologies schrieb: > > One last lesson: when NTLM POST is taking place, if you press too frequently > on Mozilla, the progress meter stalls. When you click on another link it > works fine then. This does not happen with IE. I think this is a FF bug in > their state machine! > > Best Regards, > > SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
One last lesson: when NTLM POST is taking place, if you press too frequently on Mozilla, the progress meter stalls. When you click on another link it works fine then. This does not happen with IE. I think this is a FF bug in their state machine! Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 4:33 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Hello Arno, : : Seems cool now! http://www.fastream.net/beta/IQReverseProxy.exe (1.2b1). I : will need to complete the HTML authentication until next week now... Hmm. ;) : : Best Regards, : : SZ : : - Original Message - : From: "Arno Garrels" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Thursday, September 14, 2006 4:05 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Fastream Technologies wrote: :: > Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? :: :: No it is not. Same as with digest that also works in my demo with 1.0. :: :: > What should we do if the server admin specifies NTLM but the client :: > does not support HTTP/1.1? Is this a rare situation? :: > :: > Best Regards, :: > :: > SZ :: > :: > - Original Message - :: > From: "Arno Garrels" <[EMAIL PROTECTED]> :: > To: "ICS support mailing" :: > Sent: Thursday, September 14, 2006 3:57 PM :: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: > :: > :: >> NTLM requires Keep-Alive, but the server sends "Connection: close" in :: >> the header of 401Answer. :: >> :: >> Fastream Technologies wrote: :: >>> Here it is: http://www.fastream.com/ics/ntlm.pcap :: >>> :: >>> Regards, :: >>> :: >>> SZ :: >>> :: >>> ----- Original Message - :: >>> From: "Arno Garrels" <[EMAIL PROTECTED]> :: >>> To: "ICS support mailing" :: >>> Sent: Thursday, September 14, 2006 3:36 PM :: >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: >>> :: >>> :: >>>> Fastream Technologies wrote: :: >>>>> Basicallly the ntlmmessage = NULL where it must not be--ethereal :: >>>>> calls this :: >>>>> malformed header!!! :: >>>> :: >>>> Please, please, please upload the Ethereal dump in as a *.pcap file :: >>>> somewhere so we can open it with ethereal. :: >>>> :: >>>> -- :: >>>> To unsubscribe or change your settings for TWSocket mailing list :: >>>> please goto http://www.elists.org/mailman/listinfo/twsocket :: >>>> Visit our website at http://www.overbyte.be :: >> -- :: >> To unsubscribe or change your settings for TWSocket mailing list :: >> please goto http://www.elists.org/mailman/listinfo/twsocket :: >> Visit our website at http://www.overbyte.be :: -- :: To unsubscribe or change your settings for TWSocket mailing list :: please goto http://www.elists.org/mailman/listinfo/twsocket :: Visit our website at http://www.overbyte.be : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello Arno, Seems cool now! http://www.fastream.net/beta/IQReverseProxy.exe (1.2b1). I will need to complete the HTML authentication until next week now... Hmm. ;) Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 4:05 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? : : No it is not. Same as with digest that also works in my demo with 1.0. : : > What should we do if the server admin specifies NTLM but the client : > does not support HTTP/1.1? Is this a rare situation? : > : > Best Regards, : > : > SZ : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Thursday, September 14, 2006 3:57 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> NTLM requires Keep-Alive, but the server sends "Connection: close" in : >> the header of 401Answer. : >> : >> Fastream Technologies wrote: : >>> Here it is: http://www.fastream.com/ics/ntlm.pcap : >>> : >>> Regards, : >>> : >>> SZ : >>> : >>> - Original Message ----- : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Thursday, September 14, 2006 3:36 PM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> Basicallly the ntlmmessage = NULL where it must not be--ethereal : >>>>> calls this : >>>>> malformed header!!! : >>>> : >>>> Please, please, please upload the Ethereal dump in as a *.pcap file : >>>> somewhere so we can open it with ethereal. : >>>> : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? No it is not. Same as with digest that also works in my demo with 1.0. > What should we do if the server admin specifies NTLM but the client > does not support HTTP/1.1? Is this a rare situation? > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 3:57 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> NTLM requires Keep-Alive, but the server sends "Connection: close" in >> the header of 401Answer. >> >> Fastream Technologies wrote: >>> Here it is: http://www.fastream.com/ics/ntlm.pcap >>> >>> Regards, >>> >>> SZ >>> >>> ----- Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Thursday, September 14, 2006 3:36 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Basicallly the ntlmmessage = NULL where it must not be--ethereal >>>>> calls this >>>>> malformed header!!! >>>> >>>> Please, please, please upload the Ethereal dump in as a *.pcap file >>>> somewhere so we can open it with ethereal. >>>> >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? What should we do if the server admin specifies NTLM but the client does not support HTTP/1.1? Is this a rare situation? Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:57 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > NTLM requires Keep-Alive, but the server sends "Connection: close" in > the header of 401Answer. > > Fastream Technologies wrote: >> Here it is: http://www.fastream.com/ics/ntlm.pcap >> >> Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Thursday, September 14, 2006 3:36 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Basicallly the ntlmmessage = NULL where it must not be--ethereal >>>> calls this >>>> malformed header!!! >>> >>> Please, please, please upload the Ethereal dump in as a *.pcap file >>> somewhere so we can open it with ethereal. >>> >>> -- >>> To unsubscribe or change your settings for TWSocket mailing list >>> please goto http://www.elists.org/mailman/listinfo/twsocket >>> Visit our website at http://www.overbyte.be > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
NTLM requires Keep-Alive, but the server sends "Connection: close" in the header of 401Answer. Fastream Technologies wrote: > Here it is: http://www.fastream.com/ics/ntlm.pcap > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 3:36 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> Basicallly the ntlmmessage = NULL where it must not be--ethereal >>> calls this >>> malformed header!!! >> >> Please, please, please upload the Ethereal dump in as a *.pcap file >> somewhere so we can open it with ethereal. >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Here it is: http://www.fastream.com/ics/ntlm.pcap Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:36 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Basicallly the ntlmmessage = NULL where it must not be--ethereal : > calls this : > malformed header!!! : : Please, please, please upload the Ethereal dump in as a *.pcap file : somewhere so we can open it with ethereal. : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Basicallly the ntlmmessage = NULL where it must not be--ethereal > calls this > malformed header!!! Please, please, please upload the Ethereal dump in as a *.pcap file somewhere so we can open it with ethereal. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I just noticed that Ethereal cannot dump the protocol insight. :( Or maybe there is a way?? Arno, I think you will need to use the POST demo together with NTLM to test against. Benjamin, thanks for the empty password idea! Best Regards, SubZero - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:22 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Basicallly the ntlmmessage = NULL where it must not be--ethereal calls this malformed header!!! Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:15 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Ok I recreated the user "a" with a non-null pwd and it worked. BUT POST does : not work in ANY browser! Never authenticates. This is the Ethereal dump: : : Ã"Ãf²¡ ÿÿ â,¬E E¬D ú ú v֐Ã< [EMAIL PROTECTED] E ì-Â@ â,¬E&Ã?¨Ã?¨â?o : PqÃfAâ?¦h7õµPÿÿX] POST / HTTP/1.1 : Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, : application/vnd.ms-powerpoint, application/msword, */* : Referer: http://fastream.homeip.net/ : Accept-Language: tr,en-us;q=0.5 : Content-Type: multipart/form-data; : boundary=---7d637af120086 : UA-CPU: x86 : Accept-Encoding: gzip, deflate : User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR : 1.1.4322) : Host: fastream.homeip.net : Connection: Keep-Alive : Cache-Control: no-cache : Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D : Authorization: NTLM TlRMTVNTUAABB4IIogAFASgKDw== : Content-Length: 0 : : â,¬E EÃ"L Ã~Ãâ?¢@ v֐Ã< E ùÃ.6@ â,¬Å"qÃ?¨Ã?¨ Pâ?oh7õµqÃfDIPÿÿâ : HTTP/1.1 401 Authorization Required : WWW-Authenticate: NTLM : TlRMTVNTUAACDAAMADgFgoqioCqv9v7MM+EAAEQARABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAH== : Content-Length: 629 : Content-Type: text/html : Connection: close : Server: Fastream IQ Reverse Proxy : : 401 Authorization RequiredAuthorization RequiredThis server could not : verify that you are authorized to access the document requested. Either you : supplied the wrong credentials (e.g. bad password), or your browser doesn't : understand how to supply the credentials required. You may want to contact : the server administrator here: mailto:[EMAIL PROTECTED]">[EMAIL PROTECTED].Fastream : IQ Reverse Proxyhttp://www.fastream.com/IQReverseProxy/";>www.fastream.com/IQReverseProxyâ,¬E : EøM 6 6Ã~Ãâ?¢@ v֐Ã< E (Ã.7@ â,¬ AÃ?¨Ã?¨ Pâ?oh7ùâ? qÃfDIPÿÿ à â,¬E EÅ N < : <v֐Ã< [EMAIL PROTECTED] E (-â?~@ â,¬GèÃ?¨Ã?¨â?o PqÃfDIh7ùâ?¡Pü. â,¬E E¸Q Ã" : Ã" v֐Ã< [EMAIL PROTECTED] E Ã?-â?T@ â,¬DIÃ?¨Ã?¨â?o PqÃfDIh7ùâ?¡Pü.âr POST / HTTP/1.1 : Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, : application/vnd.ms-powerpoint, application/msword, */* : Referer: http://fastream.homeip.net/ : Accept-Language: tr,en-us;q=0.5 : Content-Type: multipart/form-data; : boundary=---7d637af120086 : UA-CPU: x86 : Accept-Encoding: gzip, deflate : User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR : 1.1.4322) : Host: fastream.homeip.net : Content-Length: 194 : Connection: Keep-Alive : Cache-Control: no-cache : Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D : Authorization: NTLM : TlRMTVNTUAADGAAYAJoYABgAsgAAACYAJgBIGgAaAG4SABIAiADKBYKIogUBKAoPZgBhAHMAdAByAGUAYQBtAC4AaABvAG0AZQBpAHAALgBuAGUAdABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAEIATABBAEMASwBIAEEAVwBLAN96CsZ+Wo0dAMMFoduSgerudny+MJHuX4KJKkWtO+xVNg== : : â,¬E ER ø øv֐Ã< [EMAIL PROTECTED] E ê-â?o@ â,¬G$Ã?¨Ã?¨â?o : qÃfGçh7ùâ?¡Pü."A -7d637af120086 : Content-Disposition: form-data; name="upfile"; filename="" : Content-Type: application/octet-stream : : : -7d637af120086-- : â,¬E E7R 6 6Ã~Ãâ?¢@ v֐Ã< E (Ã.8@ â,¬ @Ã?¨Ã?¨ Pâ?oh7ùâ?¡qÃfH©PûŸ à â,¬E : ES < <v֐Ã< [EMAIL PROTECTED] E (-â?@ â,¬GÃ¥Ã?¨Ã?¨â?o PqÃfH©h7ùâ?¡Pü. ?â,¬E : E?S 6 6Ã~Ãâ?¢@ v֐Ã< E (Ã.9@ â,¬ ?Ã?¨Ã?¨ Pâ?oh7ùâ?¡qÃfHªPûŸ à â,¬E EÂT > : >v֐Ã< [EMAIL PROTECTED] E 0-â?¢@ â,¬GÃoÃ?¨Ã?¨â?" PùøŸª pÿÿ^? ´â,¬E EÃ'T > : >Ã~Ãâ?¢@ v֐Ã< E
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Basicallly the ntlmmessage = NULL where it must not be--ethereal calls this malformed header!!! Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:15 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Ok I recreated the user "a" with a non-null pwd and it worked. BUT POST does : not work in ANY browser! Never authenticates. This is the Ethereal dump: : : Ã"Ãf²¡ ÿÿ â,¬E E¬D ú ú v֐Ã< [EMAIL PROTECTED] E ì-Â@ â,¬E&Ã?¨Ã?¨â?o : PqÃfAâ?¦h7õµPÿÿX] POST / HTTP/1.1 : Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, : application/vnd.ms-powerpoint, application/msword, */* : Referer: http://fastream.homeip.net/ : Accept-Language: tr,en-us;q=0.5 : Content-Type: multipart/form-data; : boundary=---7d637af120086 : UA-CPU: x86 : Accept-Encoding: gzip, deflate : User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR : 1.1.4322) : Host: fastream.homeip.net : Connection: Keep-Alive : Cache-Control: no-cache : Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D : Authorization: NTLM TlRMTVNTUAABB4IIogAFASgKDw== : Content-Length: 0 : : â,¬E EÃ"L Ã~Ãâ?¢@ v֐Ã< E ùÃ.6@ â,¬Å"qÃ?¨Ã?¨ Pâ?oh7õµqÃfDIPÿÿâ : HTTP/1.1 401 Authorization Required : WWW-Authenticate: NTLM : TlRMTVNTUAACDAAMADgFgoqioCqv9v7MM+EAAEQARABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAH== : Content-Length: 629 : Content-Type: text/html : Connection: close : Server: Fastream IQ Reverse Proxy : : 401 Authorization RequiredAuthorization RequiredThis server could not : verify that you are authorized to access the document requested. Either you : supplied the wrong credentials (e.g. bad password), or your browser doesn't : understand how to supply the credentials required. You may want to contact : the server administrator here: mailto:[EMAIL PROTECTED]">[EMAIL PROTECTED].Fastream : IQ Reverse Proxyhttp://www.fastream.com/IQReverseProxy/";>www.fastream.com/IQReverseProxyâ,¬E : EøM 6 6Ã~Ãâ?¢@ v֐Ã< E (Ã.7@ â,¬ AÃ?¨Ã?¨ Pâ?oh7ùâ? qÃfDIPÿÿ à â,¬E EÅ N < : <v֐Ã< [EMAIL PROTECTED] E (-â?~@ â,¬GèÃ?¨Ã?¨â?o PqÃfDIh7ùâ?¡Pü. â,¬E E¸Q Ã" : Ã" v֐Ã< [EMAIL PROTECTED] E Ã?-â?T@ â,¬DIÃ?¨Ã?¨â?o PqÃfDIh7ùâ?¡Pü.âr POST / HTTP/1.1 : Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, : application/vnd.ms-powerpoint, application/msword, */* : Referer: http://fastream.homeip.net/ : Accept-Language: tr,en-us;q=0.5 : Content-Type: multipart/form-data; : boundary=---7d637af120086 : UA-CPU: x86 : Accept-Encoding: gzip, deflate : User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR : 1.1.4322) : Host: fastream.homeip.net : Content-Length: 194 : Connection: Keep-Alive : Cache-Control: no-cache : Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D : Authorization: NTLM : TlRMTVNTUAADGAAYAJoYABgAsgAAACYAJgBIGgAaAG4SABIAiADKBYKIogUBKAoPZgBhAHMAdAByAGUAYQBtAC4AaABvAG0AZQBpAHAALgBuAGUAdABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAEIATABBAEMASwBIAEEAVwBLAN96CsZ+Wo0dAMMFoduSgerudny+MJHuX4KJKkWtO+xVNg== : : â,¬E ER ø øv֐Ã< [EMAIL PROTECTED] E ê-â?o@ â,¬G$Ã?¨Ã?¨â?o : qÃfGçh7ùâ?¡Pü."A -7d637af120086 : Content-Disposition: form-data; name="upfile"; filename="" : Content-Type: application/octet-stream : : : -7d637af120086-- : â,¬E E7R 6 6Ã~Ãâ?¢@ v֐Ã< E (Ã.8@ â,¬ @Ã?¨Ã?¨ Pâ?oh7ùâ?¡qÃfH©PûŸ à â,¬E : ES < <v֐Ã< [EMAIL PROTECTED] E (-â?@ â,¬GÃ¥Ã?¨Ã?¨â?o PqÃfH©h7ùâ?¡Pü. ?â,¬E : E?S 6 6Ã~Ãâ?¢@ v֐Ã< E (Ã.9@ â,¬ ?Ã?¨Ã?¨ Pâ?oh7ùâ?¡qÃfHªPûŸ à â,¬E EÂT > : >v֐Ã< [EMAIL PROTECTED] E 0-â?¢@ â,¬GÃoÃ?¨Ã?¨â?" PùøŸª pÿÿ^? ´â,¬E EÃ'T > : >Ã~Ãâ?¢@ v֐Ã< E 0Ã.:@ â,¬ 6Ã?¨Ã?¨ Pâ?"Ã^¹¼EùøŸ«pÿÿÃT. ´â,¬E EqU < : <v֐Ã< [EMAIL PROTECTED] E (-â?"@ â,¬GâÃ?¨Ã?¨â?" PùøŸ«Ã^¹¼FPÿÿóâ,¬E EaV Ã" : Ã" v֐Ã< [EMAIL PROTECTED] E Ã?-Ëo@ â,¬DCÃ?¨Ã?¨â?" PùøŸ«Ã^¹¼FPÿÿÃ-Ã. POST / HTTP/1.1 : Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, : applicati
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
t-Length: 629 Content-Type: text/html Connection: close Server: Fastream IQ Reverse Proxy 401 Authorization RequiredAuthorization RequiredThis server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g. bad password), or your browser doesn't understand how to supply the credentials required. You may want to contact the server administrator here: mailto:[EMAIL PROTECTED]">[EMAIL PROTECTED].Fastream IQ Reverse Proxyhttp://www.fastream.com/IQReverseProxy/";>www.fastream.com/IQReverseProxy€E E& 6 6ØÍ•@ v÷êË E (Õ@@ € 8À¨À¨ P–ȹ¿_ùø£IPüaÙ €E Eó < <v÷êË [EMAIL PROTECTED] E (-š@ €GßÀ¨À¨– Pùø£Iȹ¿_PüæT€E E < <v÷êË [EMAIL PROTECTED] E (-›@ €GŞÀ¨À¨– Pùø£Jȹ¿`PüæS€E E5 6 6ØÍ•@ v÷êË E (ÕA@ € 7À¨À¨ P–ȹ¿`ùø£JPüaØ ‚E E . . ^ÿú v÷êË F ÕF œìÀ¨ïÿÿú” úïÿÿú‡E Ed < < ^ ¿[Aw E # À¨à dî› @ t¸ÂÏ.jZUl‰E E©/ . . ^ÿú v÷êË F ÕG œëÀ¨ïÿÿú” úïÿÿúŠE E¥ > >v÷êË [EMAIL PROTECTED] E 0-œ@ €GÕÀ¨À¨— Ph¸€pÿÿ×[ ´ŠE Eü > > ØÍ•@ v÷êË E 0ÕH@ € (À¨À¨ P—ä<h¸pÿÿ‚K ´ŠE E¥ < < v÷êË [EMAIL PROTECTED] E (-@ €GÛÀ¨À¨— Ph¸ä<Pÿÿ¯ŠE Eƒ ú ú v÷êË [EMAIL PROTECTED] E ì-Ÿ@ €EÀ¨À¨— Ph¸ä<PÿÿÇ4 POST / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Referer: http://fastream.homeip.net/ Accept-Language: tr,en-us;q=0.5 Content-Type: multipart/form-data; boundary=---7d637af120086 UA-CPU: x86 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322) Host: fastream.homeip.net Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D Connection: Keep-Alive Cache-Control: no-cache Authorization: NTLM TlRMTVNTUAABB4IIogAFASgKDw== Content-Length: 0 ŠE E2L ØÍ•@ v÷êË E ùÕI@ €œ^À¨À¨ P—ä<h»EPı;å7 HTTP/1.1 401 Authorization Required WWW-Authenticate: NTLM TlRMTVNTUAACDAAMADgFgoqin8sAeAp+szUAAEQARABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAH== Content-Length: 629 Content-Type: text/html Connection: close Server: Fastream IQ Reverse Proxy 401 Authorization RequiredAuthorization RequiredThis server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g. bad password), or your browser doesn't understand how to supply the credentials required. You may want to contact the server administrator here: mailto:[EMAIL PROTECTED]">[EMAIL PROTECTED].Fastream IQ Reverse Proxyhttp://www.fastream.com/IQReverseProxy/";>www.fastream.com/IQReverseProxyŠE E.M 6 6ØÍ•@ v÷êË E (ÕJ@ € .À¨À¨ P—ä?íh»EPı;«= ŠE EON < <v÷êË [EMAIL PROTECTED] E (-¡@ €GØÀ¨À¨— Ph»Eä?îPü.¬JŠE E˜P ° ° v÷êË [EMAIL PROTECTED] E ¢-¢@ €D]À¨À¨— Ph»Eä?îPü.ì¦ POST / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Referer: http://fastream.homeip.net/ Accept-Language: tr,en-us;q=0.5 Content-Type: multipart/form-data; boundary=---7d637af120086 UA-CPU: x86 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322) Host: fastream.homeip.net Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D Connection: Keep-Alive Cache-Control: no-cache Authorization: NTLM TlRMTVNTUAADGAAYAIAYABgAmAwADABIGgAaAFQSABIAbgCwBYKIogUBKAoPbABhAHAAdABvAHAAYQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBCAEwAQQBDAEsASABBAFcASwDfkLizRDmqUgDDlsa6UMs01Ep9zIP4BKpkzVT2V7CiC4A= Content-Length: 194 ŠE E^Q ø øv÷êË [EMAIL PROTECTED] E ê-£@ €GÀ¨À¨— h¾¿ä?îPü.¾ -7d637af120086 Content-Disposition: form-data; name="upfile"; filename="" Content-Type: application/octet-stream -7d637af120086-- ŠE E|Q 6 6ØÍ•@ v÷êË E (ÕK@ € -À¨À¨ P—ä?îh¿Pÿÿ¤= ŠE EÃQ < <v÷êË [EMAIL PROTECTED] E (-¤@ €GÕÀ¨À¨— Ph¿ä?îPü.¨ ŠE EæQ 6 6ØÍ•@ v÷êË E (ÕL@ € ,À¨À¨ P—ä?îh¿‚Pÿÿ¤< - Original Message - From: "Stadin, Benjamin" <[EMAIL PROTECTED]> To: Sent: Thursday, September 14, 2006 3:05 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :I said that several times. You
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Latest report: when I used the Administrator account of Windows, it > worked! :) So I am beginning to think this is a problem with security > policies of some Windows. Also turn on eventlog, monitor the security events. > Regards, > > SZ > > - Original Message - > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 1:15 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Now it gives SEC_E_LOGON_DENIED. :( >> >> Regards, >> >> SZ >> >> - Original Message - >> From: "Fastream Technologies" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Thursday, September 14, 2006 12:30 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Hello, >>> >>> I found the problem source pinpointed: >>> >>> >>> if Sec < 0 then >>>begin >>>{$IFDEF DEBUG_EXCEPTIONS} >>>Exception.CreateFmt('Init context failed: 0x%x', [Sec]); >>> // Sec -2146893048 (0x80090308) >>> >>>{$ELSE} >>>Result := ''; >>>FState := lsDoneErr; >>>Exit; >>> {$ENDIF} >>> end; >>> >>> When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so >>> works! >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Thursday, September 14, 2006 12:08 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Also the unicode directive enabled, it does not compile! Perhaps >>>>> that could be a cure?! >>>> >>>> No, internally user names, domain names etc. are unicoded anyway. >>>> To enable the unicode versions of the SSPI functions you need to >>>> uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in >>>> OverbyteIcsSspi.pas. >>>> >>>>> >>>>> Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Thursday, September 14, 2006 11:40 AM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Hi Arno, >>>>>> >>>>>> I also wonder if this could be a lifetime/time zone problem? We >>>>>> are GMT+200. What is the timeout period of this authentication >>>>>> and did you consider different time zones? >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Thursday, September 14, 2006 11:31 AM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it >>>>>>> worked and gave no errors/exceptions! But I cannot deploy in >>>>>>> this form... ;( >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Thursday, September 14, 2006 10:49 AM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>> question) >>>>>>> >>>>>>> >>>>>>>> I tested with Opera successfully! >>>>>>>> >>>>>>>> Change the format string below in order to get a hex display >>>>>>>> like: raise
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I said that several times. You must at least have "admin helper" (I don't remember what specific privileges are needed) rights to query the user db, also if you want to auth in a domain your app must run as domain user with sufficent rights. This is also the case with MS user management utility for NT domain users (at least NT4 I worked with years ago). I think that empty passwords are not allowed, so your user a would never be allowed to log in. At least at home I can't use empty pw's with my xp machines in the net. Test with network SMB login. You can change the auto-login and trusted URIs in FF at about:config. I asked you to do so, because I think it's possible that IE sends it's domain name in the NTLM challenge for auto-login reasons. NTLM single sign on is used by IE by default, in FF you must enable it. So maybe the server uses a wrong domain with FF and it just works with IE because it sends the domain. The domain isn't actually needed, because the server has to decide which domain to use, but there may be something fishy at this point at the server side right now (ie when FF sends an empty domain when not doing auto-login the server may try to auth this domain, instead it should overwrite it with it's own default domain - maybe). SZ wrote: Latest report: when I used the Administrator account of Windows, it worked! :) So I am beginning to think this is a problem with security policies of some Windows. Regards, SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Even IE6 does not work with HTTP POST under NTLM! > > I have setup a server and will try on that. In the first place we should make the demo working, so we can be sure the problem is not in your proxy code. Why does it work on my boxes with the same browsers, why does it not work at Fastream? That's the big question, I cannot answer currently. One of my boxes is pretty slow one is really fast. > > Regards, > > SZ > > - Original Message - > From: "Maurizio Lotauro" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 2:33 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Scrive Fastream Technologies <[EMAIL PROTECTED]>: >> >>> Ethereal does not work on localhost!! I put together these logs >>> using socketspy. >> >> I think that if you want to know if your application works you should >> reproduce a real environment. Will your reverse proxy run on a >> "real" server or on the same pc of the client? >> Not to mention how ethereal help to detectd the differences between >> clients. >> >> >> Bye, Maurizio. >> >> >> >> This mail has been sent using Alpikom webmail system >> http://www.alpikom.it >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I uploaded a new version, added error logging to the demo and fixed some minor bugs. EXE is also included. http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip Though it won't fix the problem. Fastream Technologies wrote: > Yes it is 0 here as well! > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 2:13 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Arno Garrels wrote: >>> Arno Garrels wrote: >>>> Fastream Technologies wrote: >>>>> Latest report: when I used the Administrator account of Windows, >>>>> it worked! :) So I am beginning to think this is a problem with >>>>> security policies of some Windows. >>>> >>>> Yesterday I tested on a out-of-the-box, new XP SP2 installation, >>>> since this box had a hd crash :( Yes, there are policies dealing >>>> with NTLM, maybe you tweaked them? >>> >>> Also check your registry, play with the values. >>> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] >>> >>> "lmcompatibilitylevel"=dword n >> >> Forgot to say that factory default is 0. >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Even IE6 does not work with HTTP POST under NTLM! I have setup a server and will try on that. Regards, SZ - Original Message - From: "Maurizio Lotauro" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 2:33 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Scrive Fastream Technologies <[EMAIL PROTECTED]>: : : > Ethereal does not work on localhost!! I put together these logs using : > socketspy. : : I think that if you want to know if your application works you should : reproduce a real environment. Will your reverse proxy run on a "real" server : or on the same pc of the client? : Not to mention how ethereal help to detectd the differences between clients. : : : Bye, Maurizio. : : : : This mail has been sent using Alpikom webmail system : http://www.alpikom.it : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Scrive Fastream Technologies <[EMAIL PROTECTED]>: > Ethereal does not work on localhost!! I put together these logs using > socketspy. I think that if you want to know if your application works you should reproduce a real environment. Will your reverse proxy run on a "real" server or on the same pc of the client? Not to mention how ethereal help to detectd the differences between clients. Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Yes it is 0 here as well! - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 2:13 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Arno Garrels wrote: : > Arno Garrels wrote: : >> Fastream Technologies wrote: : >>> Latest report: when I used the Administrator account of Windows, it : >>> worked! :) So I am beginning to think this is a problem with : >>> security policies of some Windows. : >> : >> Yesterday I tested on a out-of-the-box, new XP SP2 installation, : >> since this box had a hd crash :( Yes, there are policies dealing : >> with NTLM, maybe you tweaked them? : > : > Also check your registry, play with the values. : > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] : > : > "lmcompatibilitylevel"=dword n : : Forgot to say that factory default is 0. : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Arno Garrels wrote: > Arno Garrels wrote: >> Fastream Technologies wrote: >>> Latest report: when I used the Administrator account of Windows, it >>> worked! :) So I am beginning to think this is a problem with >>> security policies of some Windows. >> >> Yesterday I tested on a out-of-the-box, new XP SP2 installation, >> since this box had a hd crash :( Yes, there are policies dealing >> with NTLM, maybe you tweaked them? > > Also check your registry, play with the values. > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] > > "lmcompatibilitylevel"=dword n Forgot to say that factory default is 0. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ethereal does not work on localhost!! I put together these logs using socketspy. IE does not ask for credentials until you press POST then it begins not accepting even the administrator password! Opera gets the server go 100% CPU. FF only accepts administrator password. Regards, SZ - Original Message - From: "Maurizio Lotauro" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 2:02 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Scrive Fastream Technologies <[EMAIL PROTECTED]>: : : > Here is the full log: : : How are these logs created? I asked for ethereal logs because it decode the : NTLM message, so we can see what domain and username will send by each client : (you can do this yourself). : Both browser asking for credential or only FF? : One thing that I noticed is that IE send a cookie even in the first request. : : : Bye, Maurizio. : : : This mail has been sent using Alpikom webmail system : http://www.alpikom.it : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Arno Garrels wrote: > Fastream Technologies wrote: >> Latest report: when I used the Administrator account of Windows, it >> worked! :) So I am beginning to think this is a problem with security >> policies of some Windows. > > Yesterday I tested on a out-of-the-box, new XP SP2 installation, since > this box had a hd crash :( Yes, there are policies dealing with NTLM, > maybe you tweaked them? Also check your registry, play with the values. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "lmcompatibilitylevel"=dword n LmCompatibilityLevel settings The LmCompatibilityLevel registry entry can be configured with the following values: . LmCompatibilityLevel value of 0: Send LAN Manager (LM) response and NTLM response; never use NTLM version 2 (NTLMv2) session security. Clients use LM and NTLM authentication, and never use NTLMv2 session security; domain controllers accept LM, NTLM, and NTLMv2 authentication. . LmCompatibilityLevel value of 1: Use NTLMv2 session security, if negotiated. Clients use LM and NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. . LmCompatibilityLevel value of 2: Send NTLM response only. Clients use only NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. . LmCompatibilityLevel value of 3: Send NTLMv2 response only. Clients use NTLMv2 authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. . LmCompatibilityLevel value of 4: (Server Only) - Domain controllers refuse LM responses. Clients use NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers refuse LM authentication, and accept NTLM and NTLMv2 authentication. . LmCompatibilityLevel value of 5: (Server Only) - Domain controllers refuse LM and NTLM responses, and accept only NTLMv2 responses. Clients use NTLMv2 authentication, use NTLMv2 session security if the server supports it; domain controllers refuse NTLM and LM authentication, and accept only NTLMv2 authentication. > > Anyway provide us a Ethereal logfile. Ethereal > does a great job parsing the various NTLM messages! > > --- > Arno Garrels [TeamICS] > http://www.overbyte.be/eng/overbyte/teamics.html > > > >> Regards, >> >> SZ >> >> - Original Message - >> From: "Fastream Technologies" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Thursday, September 14, 2006 1:15 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Now it gives SEC_E_LOGON_DENIED. :( >>> >>> Regards, >>> >>> SZ >>> >>> ----- Original Message - >>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Thursday, September 14, 2006 12:30 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Hello, >>>> >>>> I found the problem source pinpointed: >>>> >>>> >>>> if Sec < 0 then >>>>begin >>>>{$IFDEF DEBUG_EXCEPTIONS} >>>>Exception.CreateFmt('Init context failed: 0x%x', [Sec]); >>>> // Sec -2146893048 (0x80090308) >>>> >>>> {$ELSE} >>>> Result := ''; >>>>FState := lsDoneErr; >>>>Exit; >>>>{$ENDIF} >>>>end; >>>> >>>> When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so >>>> works! >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Thursday, September 14, 2006 12:08 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Also the unicode directive enabled, it does not compile! Perhaps >>>>>> that could be a cure?! >>>>> >>>>> No, internally user names, domain names etc. are unicoded anyway. >>>>> To enable the unicode versions of the SSPI functions you need to >>>>> uncomme
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Scrive Fastream Technologies <[EMAIL PROTECTED]>: > Here is the full log: How are these logs created? I asked for ethereal logs because it decode the NTLM message, so we can see what domain and username will send by each client (you can do this yourself). Both browser asking for credential or only FF? One thing that I noticed is that IE send a cookie even in the first request. Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Also even with IE6XP, POST does not work under my reverse proxy whereas it works with Digest. Digest also has a 3-message mechanism. Did you test with POST?? Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 1:48 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Latest report: when I used the Administrator account of Windows, it : > worked! :) So I am beginning to think this is a problem with security : > policies of some Windows. : : Yesterday I tested on a out-of-the-box, new XP SP2 installation, since : this box had a hd crash :( Yes, there are policies dealing with NTLM, : maybe you tweaked them? : : Anyway provide us a Ethereal logfile. Ethereal : does a great job parsing the various NTLM messages! : : --- : Arno Garrels [TeamICS] : http://www.overbyte.be/eng/overbyte/teamics.html : : : : > Regards, : > : > SZ : > : > - Original Message - : > From: "Fastream Technologies" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Thursday, September 14, 2006 1:15 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Now it gives SEC_E_LOGON_DENIED. :( : >> : >> Regards, : >> : >> SZ : >> : >> - Original Message - : >> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >> To: "ICS support mailing" : >> Sent: Thursday, September 14, 2006 12:30 PM : >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >> : >> : >>> Hello, : >>> : >>> I found the problem source pinpointed: : >>> : >>> : >>> if Sec < 0 then : >>>begin : >>>{$IFDEF DEBUG_EXCEPTIONS} : >>>Exception.CreateFmt('Init context failed: 0x%x', [Sec]); : >>> // Sec -2146893048 (0x80090308) : >>> : >>>{$ELSE} : >>>Result := ''; : >>>FState := lsDoneErr; : >>>Exit; : >>> {$ENDIF} : >>> end; : >>> : >>> When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so : >>> works! : >>> : >>> Best Regards, : >>> : >>> SZ : >>> : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Thursday, September 14, 2006 12:08 PM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> Also the unicode directive enabled, it does not compile! Perhaps : >>>>> that could be a cure?! : >>>> : >>>> No, internally user names, domain names etc. are unicoded anyway. : >>>> To enable the unicode versions of the SSPI functions you need to : >>>> uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in : >>>> OverbyteIcsSspi.pas. : >>>> : >>>>> : >>>>> Regards, : >>>>> : >>>>> SZ : >>>>> : >>>>> - Original Message - : >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >>>>> To: "ICS support mailing" : >>>>> Sent: Thursday, September 14, 2006 11:40 AM : >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>> : >>>>> : >>>>>> Hi Arno, : >>>>>> : >>>>>> I also wonder if this could be a lifetime/time zone problem? We : >>>>>> are GMT+200. What is the timeout period of this authentication : >>>>>> and did you consider different time zones? : >>>>>> : >>>>>> Best Regards, : >>>>>> : >>>>>> SZ : >>>>>> : >>>>>> - Original Message - : >>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >>>>>> To: "ICS support mailing" : >>>>>> Sent: Thursday, September 14, 2006 11:31 AM : >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>>> : >>>>>> : >>>>>>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it : >>>>>>> w
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Latest report: when I used the Administrator account of Windows, it > worked! :) So I am beginning to think this is a problem with security > policies of some Windows. Yesterday I tested on a out-of-the-box, new XP SP2 installation, since this box had a hd crash :( Yes, there are policies dealing with NTLM, maybe you tweaked them? Anyway provide us a Ethereal logfile. Ethereal does a great job parsing the various NTLM messages! --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html > Regards, > > SZ > > - Original Message - > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 1:15 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Now it gives SEC_E_LOGON_DENIED. :( >> >> Regards, >> >> SZ >> >> - Original Message - >> From: "Fastream Technologies" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Thursday, September 14, 2006 12:30 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Hello, >>> >>> I found the problem source pinpointed: >>> >>> >>> if Sec < 0 then >>>begin >>>{$IFDEF DEBUG_EXCEPTIONS} >>>Exception.CreateFmt('Init context failed: 0x%x', [Sec]); >>> // Sec -2146893048 (0x80090308) >>> >>>{$ELSE} >>>Result := ''; >>>FState := lsDoneErr; >>>Exit; >>> {$ENDIF} >>> end; >>> >>> When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so >>> works! >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Thursday, September 14, 2006 12:08 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Also the unicode directive enabled, it does not compile! Perhaps >>>>> that could be a cure?! >>>> >>>> No, internally user names, domain names etc. are unicoded anyway. >>>> To enable the unicode versions of the SSPI functions you need to >>>> uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in >>>> OverbyteIcsSspi.pas. >>>> >>>>> >>>>> Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Thursday, September 14, 2006 11:40 AM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Hi Arno, >>>>>> >>>>>> I also wonder if this could be a lifetime/time zone problem? We >>>>>> are GMT+200. What is the timeout period of this authentication >>>>>> and did you consider different time zones? >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Thursday, September 14, 2006 11:31 AM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it >>>>>>> worked and gave no errors/exceptions! But I cannot deploy in >>>>>>> this form... ;( >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Thursday, September 14, 2006 10:49 AM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>&
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Latest report: when I used the Administrator account of Windows, it worked! :) So I am beginning to think this is a problem with security policies of some Windows. Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 1:15 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Now it gives SEC_E_LOGON_DENIED. :( : : Regards, : : SZ : : - Original Message - : From: "Fastream Technologies" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Thursday, September 14, 2006 12:30 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Hello, :: :: I found the problem source pinpointed: :: :: :: if Sec < 0 then ::begin ::{$IFDEF DEBUG_EXCEPTIONS} ::Exception.CreateFmt('Init context failed: 0x%x', [Sec]); // :: Sec -2146893048 (0x80090308) :: ::{$ELSE} ::Result := ''; ::FState := lsDoneErr; ::Exit; ::{$ENDIF} ::end; :: :: When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works! :: :: Best Regards, :: :: SZ :: :: - Original Message - :: From: "Arno Garrels" <[EMAIL PROTECTED]> :: To: "ICS support mailing" :: Sent: Thursday, September 14, 2006 12:08 PM :: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: :: ::: Fastream Technologies wrote: ::: > Also the unicode directive enabled, it does not compile! Perhaps that ::: > could be a cure?! ::: ::: No, internally user names, domain names etc. are unicoded anyway. ::: To enable the unicode versions of the SSPI functions you need to : uncomment ::: both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas. ::: ::: > ::: > Regards, ::: > ::: > SZ ::: > ::: > - Original Message - ::: > From: "Fastream Technologies" <[EMAIL PROTECTED]> ::: > To: "ICS support mailing" ::: > Sent: Thursday, September 14, 2006 11:40 AM ::: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) ::: > ::: > ::: >> Hi Arno, ::: >> ::: >> I also wonder if this could be a lifetime/time zone problem? We are ::: >> GMT+200. What is the timeout period of this authentication and did ::: >> you consider different time zones? ::: >> ::: >> Best Regards, ::: >> ::: >> SZ ::: >> ::: >> - Original Message - ::: >> From: "Fastream Technologies" <[EMAIL PROTECTED]> ::: >> To: "ICS support mailing" ::: >> Sent: Thursday, September 14, 2006 11:31 AM ::: >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) ::: >> ::: >> ::: >>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked ::: >>> and gave no errors/exceptions! But I cannot deploy in this form... ::: >>> ;( ::: >>> ::: >>> SZ ::: >>> ::: >>> - Original Message - ::: >>> From: "Arno Garrels" <[EMAIL PROTECTED]> ::: >>> To: "ICS support mailing" ::: >>> Sent: Thursday, September 14, 2006 10:49 AM ::: >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) ::: >>> ::: >>> ::: >>>> I tested with Opera successfully! ::: >>>> ::: >>>> Change the format string below in order to get a hex display like: ::: >>>> raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); ::: >>>> ::: >>>> Post the hex value. ::: >>>> ::: >>>> ::: >>>> ::: >>>> Fastream Technologies wrote: ::: >>>>> Hello, ::: >>>>> ::: >>>>> With FF, after msg3, ::: >>>>> ::: >>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, ::: >>>>>pHCtx, ::: >>>>>@InBuffDesc, ::: >>>>> ::: >>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements ::: >>>>>SECURITY_NATIVE_DREP, ::: >>>>>@FHCtx, ::: >>>>>@OutBuffDesc, ::: >>>>>ContextAttr, ::: >>>>> Lifetime); ::: >>>>> if Sec < 0 then ::: >>>>> begin // enters here with Sec = -2^31 ::: >>>>> {$IFDEF DEBUG_EXCEPTIONS} ::: >>
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Now it gives SEC_E_LOGON_DENIED. :( Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 12:30 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Hello, : : I found the problem source pinpointed: : : : if Sec < 0 then :begin :{$IFDEF DEBUG_EXCEPTIONS} :Exception.CreateFmt('Init context failed: 0x%x', [Sec]); // : Sec -2146893048 (0x80090308) : :{$ELSE} :Result := ''; :FState := lsDoneErr; :Exit; :{$ENDIF} :end; : : When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works! : : Best Regards, : : SZ : : - Original Message - : From: "Arno Garrels" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Thursday, September 14, 2006 12:08 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Fastream Technologies wrote: :: > Also the unicode directive enabled, it does not compile! Perhaps that :: > could be a cure?! :: :: No, internally user names, domain names etc. are unicoded anyway. :: To enable the unicode versions of the SSPI functions you need to uncomment :: both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas. :: :: > :: > Regards, :: > :: > SZ :: > :: > - Original Message - :: > From: "Fastream Technologies" <[EMAIL PROTECTED]> :: > To: "ICS support mailing" :: > Sent: Thursday, September 14, 2006 11:40 AM :: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: > :: > :: >> Hi Arno, :: >> :: >> I also wonder if this could be a lifetime/time zone problem? We are :: >> GMT+200. What is the timeout period of this authentication and did :: >> you consider different time zones? :: >> :: >> Best Regards, :: >> :: >> SZ :: >> :: >> - Original Message - :: >> From: "Fastream Technologies" <[EMAIL PROTECTED]> :: >> To: "ICS support mailing" :: >> Sent: Thursday, September 14, 2006 11:31 AM :: >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: >> :: >> :: >>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked :: >>> and gave no errors/exceptions! But I cannot deploy in this form... :: >>> ;( :: >>> :: >>> SZ :: >>> :: >>> - Original Message - :: >>> From: "Arno Garrels" <[EMAIL PROTECTED]> :: >>> To: "ICS support mailing" :: >>> Sent: Thursday, September 14, 2006 10:49 AM :: >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: >>> :: >>> :: >>>> I tested with Opera successfully! :: >>>> :: >>>> Change the format string below in order to get a hex display like: :: >>>> raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); :: >>>> :: >>>> Post the hex value. :: >>>> :: >>>> :: >>>> :: >>>> Fastream Technologies wrote: :: >>>>> Hello, :: >>>>> :: >>>>> With FF, after msg3, :: >>>>> :: >>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, :: >>>>>pHCtx, :: >>>>>@InBuffDesc, :: >>>>> :: >>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements :: >>>>>SECURITY_NATIVE_DREP, :: >>>>>@FHCtx, :: >>>>>@OutBuffDesc, :: >>>>>ContextAttr, :: >>>>> Lifetime); :: >>>>> if Sec < 0 then :: >>>>> begin // enters here with Sec = -2^31 :: >>>>> {$IFDEF DEBUG_EXCEPTIONS} :: >>>>> raise Exception.CreateFmt('Init context failed: %d', :: >>>>> [Sec]); {$ELSE} :: >>>>> Result := ''; :: >>>>> FState := lsDoneErr; :: >>>>> Exit; :: >>>>> {$ENDIF} :: >>>>> end; :: >>>>> :: >>>>> Arno, do you have any idea? :: >>>>> :: >>>>> Best Regards, :: >>>>> :: >>>&g
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I do not know how to do this in FF. Also, see my previous message as I think I found the source of the problem. What's annoying with the problem is that in Opera, it causes 100% CPU usage ON THE SERVER-SIDE--typical DoS. Best Regards, SZ - Original Message - From: "Stadin, Benjamin" <[EMAIL PROTECTED]> To: Sent: Thursday, September 14, 2006 12:37 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : FS, can you try it with FF with the site added to the trusted URIs and NTLM : auto-login enabled? : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
FS, can you try it with FF with the site added to the trusted URIs and NTLM auto-login enabled? -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Hi Arno, > > I also wonder if this could be a lifetime/time zone problem? We are > GMT+200. What is the timeout period of this authentication and did > you consider different time zones? I do not think so. Function AcceptSecurityContext (NTLM) is documented here: http://windowssdk.msdn.microsoft.com/en-us/library/ms717513.aspx The Timestamp is filled by the security package. Windows 2000/NT and Windows Me/98/95: This parameter is not used. Set this value to NULL. I tested on W2k as well as on XP! > > Best Regards, > > SZ > > - Original Message - > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 11:31 AM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked >> and gave no errors/exceptions! But I cannot deploy in this form... ;( >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Thursday, September 14, 2006 10:49 AM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> I tested with Opera successfully! >>> >>> Change the format string below in order to get a hex display like: >>> raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); >>> >>> Post the hex value. >>> >>> >>> >>> Fastream Technologies wrote: >>>> Hello, >>>> >>>> With FF, after msg3, >>>> >>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, >>>>pHCtx, >>>>@InBuffDesc, >>>> >>>> ASC_REQ_SEQUENCE_DETECT, // context requirements >>>>SECURITY_NATIVE_DREP, >>>>@FHCtx, >>>>@OutBuffDesc, >>>>ContextAttr, >>>>Lifetime); >>>> if Sec < 0 then >>>> begin // enters here with Sec = -2^31 >>>> {$IFDEF DEBUG_EXCEPTIONS} >>>> raise Exception.CreateFmt('Init context failed: %d', >>>> [Sec]); {$ELSE} >>>> Result := ''; >>>> FState := lsDoneErr; >>>> Exit; >>>> {$ENDIF} >>>> end; >>>> >>>> Arno, do you have any idea? >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Thursday, September 14, 2006 8:20 AM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Here is the full log: >>>>> >>>>> FireFox 1.5.0.6: >>>>> >>>>> 13.09.2006 21:50:09 Connection Opened >>>>> >>>>> 13.09.2006 21:50:09 From Local >>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: >>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) >>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: >>>>> >> > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: >>>>> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: >>>>> keep-alive >>>>> >>>>> 13.09.2006 21:50:09 From Remote >>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: >>>>> NTLM..Content- Length: 629..Content-Type: text/html..Connection: >>>>> keep- alive..Server: Fastream IQ Reverse >>>>> Proxy401 Authorization ... >>>>> >>>>> 13.09.2006 21:50:17 From Local >>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: >>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) >>>>> Gecko/20060728
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello, I found the problem source pinpointed: if Sec < 0 then begin {$IFDEF DEBUG_EXCEPTIONS} Exception.CreateFmt('Init context failed: 0x%x', [Sec]); // Sec -2146893048 (0x80090308) {$ELSE} Result := ''; FState := lsDoneErr; Exit; {$ENDIF} end; When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works! Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 12:08 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Also the unicode directive enabled, it does not compile! Perhaps that : > could be a cure?! : : No, internally user names, domain names etc. are unicoded anyway. : To enable the unicode versions of the SSPI functions you need to uncomment : both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas. : : > : > Regards, : > : > SZ : > : > - Original Message - : > From: "Fastream Technologies" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Thursday, September 14, 2006 11:40 AM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Hi Arno, : >> : >> I also wonder if this could be a lifetime/time zone problem? We are : >> GMT+200. What is the timeout period of this authentication and did : >> you consider different time zones? : >> : >> Best Regards, : >> : >> SZ : >> : >> ----- Original Message - : >> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >> To: "ICS support mailing" : >> Sent: Thursday, September 14, 2006 11:31 AM : >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >> : >> : >>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked : >>> and gave no errors/exceptions! But I cannot deploy in this form... : >>> ;( : >>> : >>> SZ : >>> : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Thursday, September 14, 2006 10:49 AM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> I tested with Opera successfully! : >>>> : >>>> Change the format string below in order to get a hex display like: : >>>> raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); : >>>> : >>>> Post the hex value. : >>>> : >>>> : >>>> : >>>> Fastream Technologies wrote: : >>>>> Hello, : >>>>> : >>>>> With FF, after msg3, : >>>>> : >>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, : >>>>>pHCtx, : >>>>>@InBuffDesc, : >>>>> : >>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements : >>>>>SECURITY_NATIVE_DREP, : >>>>>@FHCtx, : >>>>>@OutBuffDesc, : >>>>>ContextAttr, : >>>>> Lifetime); : >>>>> if Sec < 0 then : >>>>> begin // enters here with Sec = -2^31 : >>>>> {$IFDEF DEBUG_EXCEPTIONS} : >>>>> raise Exception.CreateFmt('Init context failed: %d', : >>>>> [Sec]); {$ELSE} : >>>>> Result := ''; : >>>>> FState := lsDoneErr; : >>>>> Exit; : >>>>> {$ENDIF} : >>>>> end; : >>>>> : >>>>> Arno, do you have any idea? : >>>>> : >>>>> Best Regards, : >>>>> : >>>>> SZ : >>>>> : >>>>> - Original Message - : >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >>>>> To: "ICS support mailing" : >>>>> Sent: Thursday, September 14, 2006 8:20 AM : >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>> : >>>>&g
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Also the unicode directive enabled, it does not compile! Perhaps that > could be a cure?! No, internally user names, domain names etc. are unicoded anyway. To enable the unicode versions of the SSPI functions you need to uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas. > > Regards, > > SZ > > - Original Message - > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 11:40 AM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Hi Arno, >> >> I also wonder if this could be a lifetime/time zone problem? We are >> GMT+200. What is the timeout period of this authentication and did >> you consider different time zones? >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Fastream Technologies" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Thursday, September 14, 2006 11:31 AM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked >>> and gave no errors/exceptions! But I cannot deploy in this form... >>> ;( >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Thursday, September 14, 2006 10:49 AM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> I tested with Opera successfully! >>>> >>>> Change the format string below in order to get a hex display like: >>>> raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); >>>> >>>> Post the hex value. >>>> >>>> >>>> >>>> Fastream Technologies wrote: >>>>> Hello, >>>>> >>>>> With FF, after msg3, >>>>> >>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, >>>>>pHCtx, >>>>>@InBuffDesc, >>>>> >>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements >>>>>SECURITY_NATIVE_DREP, >>>>>@FHCtx, >>>>>@OutBuffDesc, >>>>>ContextAttr, >>>>> Lifetime); >>>>> if Sec < 0 then >>>>> begin // enters here with Sec = -2^31 >>>>> {$IFDEF DEBUG_EXCEPTIONS} >>>>> raise Exception.CreateFmt('Init context failed: %d', >>>>> [Sec]); {$ELSE} >>>>> Result := ''; >>>>> FState := lsDoneErr; >>>>> Exit; >>>>> {$ENDIF} >>>>> end; >>>>> >>>>> Arno, do you have any idea? >>>>> >>>>> Best Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Thursday, September 14, 2006 8:20 AM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Here is the full log: >>>>>> >>>>>> FireFox 1.5.0.6: >>>>>> >>>>>> 13.09.2006 21:50:09 Connection Opened >>>>>> >>>>>> 13.09.2006 21:50:09 From Local >>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: >>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) >>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: >>>>>> >>> >> > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: >>>>>> windows-125
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Also the unicode directive enabled, it does not compile! Perhaps that could be a cure?! Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 11:40 AM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Hi Arno, : : I also wonder if this could be a lifetime/time zone problem? We are GMT+200. : What is the timeout period of this authentication and did you consider : different time zones? : : Best Regards, : : SZ : : - Original Message - : From: "Fastream Technologies" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Thursday, September 14, 2006 11:31 AM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and : gave :: no errors/exceptions! But I cannot deploy in this form... ;( :: :: SZ :: :: - Original Message - :: From: "Arno Garrels" <[EMAIL PROTECTED]> :: To: "ICS support mailing" :: Sent: Thursday, September 14, 2006 10:49 AM :: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: :: :::I tested with Opera successfully! ::: ::: Change the format string below in order to get a hex display like: ::: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); ::: ::: Post the hex value. ::: ::: ::: ::: Fastream Technologies wrote: ::: > Hello, ::: > ::: > With FF, after msg3, ::: > ::: > Sec := FPSFT^.AcceptSecurityContext(@FHCred, ::: >pHCtx, ::: >@InBuffDesc, ::: >ASC_REQ_SEQUENCE_DETECT, // ::: > context requirements ::: >SECURITY_NATIVE_DREP, ::: >@FHCtx, ::: >@OutBuffDesc, ::: >ContextAttr, ::: >Lifetime); ::: > if Sec < 0 then ::: > begin // enters here with Sec = -2^31 ::: > {$IFDEF DEBUG_EXCEPTIONS} ::: > raise Exception.CreateFmt('Init context failed: %d', ::: > [Sec]); {$ELSE} ::: > Result := ''; ::: > FState := lsDoneErr; ::: > Exit; ::: > {$ENDIF} ::: > end; ::: > ::: > Arno, do you have any idea? ::: > ::: > Best Regards, ::: > ::: > SZ ::: > ::: > ----- Original Message - ::: > From: "Fastream Technologies" <[EMAIL PROTECTED]> ::: > To: "ICS support mailing" ::: > Sent: Thursday, September 14, 2006 8:20 AM ::: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) ::: > ::: > ::: >> Here is the full log: ::: >> ::: >> FireFox 1.5.0.6: ::: >> ::: >> 13.09.2006 21:50:09 Connection Opened ::: >> ::: >> 13.09.2006 21:50:09 From Local ::: >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 ::: >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 ::: >> Firefox/1.5.0.6..Accept: ::: >> :: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: ::: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: ::: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: ::: >> keep-alive ::: >> ::: >> 13.09.2006 21:50:09 From Remote ::: >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content- ::: >> Length: 629..Content-Type: text/html..Connection: keep- ::: >> alive..Server: Fastream IQ Reverse Proxy401 ::: >> Authorization ... ::: >> ::: >> 13.09.2006 21:50:17 From Local ::: >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 ::: >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 ::: >> Firefox/1.5.0.6..Accept: ::: >> :: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: ::: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: ::: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: ::: >> keep-alive..Authorization: NTLM ::: >> TlRMTVNTUAABB4IIAAA= ::: >> ::: >> 13.09.2006 21:50:17 From Remote ::: >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM ::: >> :: : TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAAB
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hi Arno, I also wonder if this could be a lifetime/time zone problem? We are GMT+200. What is the timeout period of this authentication and did you consider different time zones? Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 11:31 AM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and gave : no errors/exceptions! But I cannot deploy in this form... ;( : : SZ : : - Original Message - : From: "Arno Garrels" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Thursday, September 14, 2006 10:49 AM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : ::I tested with Opera successfully! :: :: Change the format string below in order to get a hex display like: :: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); :: :: Post the hex value. :: :: :: :: Fastream Technologies wrote: :: > Hello, :: > :: > With FF, after msg3, :: > :: > Sec := FPSFT^.AcceptSecurityContext(@FHCred, :: >pHCtx, :: >@InBuffDesc, :: >ASC_REQ_SEQUENCE_DETECT, // :: > context requirements :: >SECURITY_NATIVE_DREP, :: >@FHCtx, :: >@OutBuffDesc, :: >ContextAttr, :: >Lifetime); :: > if Sec < 0 then :: > begin // enters here with Sec = -2^31 :: > {$IFDEF DEBUG_EXCEPTIONS} :: > raise Exception.CreateFmt('Init context failed: %d', :: > [Sec]); {$ELSE} :: > Result := ''; :: > FState := lsDoneErr; :: > Exit; :: > {$ENDIF} :: > end; :: > :: > Arno, do you have any idea? :: > :: > Best Regards, :: > :: > SZ :: > :: > ----- Original Message - :: > From: "Fastream Technologies" <[EMAIL PROTECTED]> :: > To: "ICS support mailing" :: > Sent: Thursday, September 14, 2006 8:20 AM :: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: > :: > :: >> Here is the full log: :: >> :: >> FireFox 1.5.0.6: :: >> :: >> 13.09.2006 21:50:09 Connection Opened :: >> :: >> 13.09.2006 21:50:09 From Local :: >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 :: >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 :: >> Firefox/1.5.0.6..Accept: :: >> : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: :: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: :: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: :: >> keep-alive :: >> :: >> 13.09.2006 21:50:09 From Remote :: >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content- :: >> Length: 629..Content-Type: text/html..Connection: keep- :: >> alive..Server: Fastream IQ Reverse Proxy401 :: >> Authorization ... :: >> :: >> 13.09.2006 21:50:17 From Local :: >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 :: >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 :: >> Firefox/1.5.0.6..Accept: :: >> : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: :: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: :: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: :: >> keep-alive..Authorization: NTLM :: >> TlRMTVNTUAABB4IIAAA= :: >> :: >> 13.09.2006 21:50:17 From Remote :: >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM :: >> : TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: :: >> 629..Content-Type: text/html..Connection: keep-alive..Server: :: >> Fastream IQ Reverse Proxy401 Authorization :: >> ... :: >> :: >> 13.09.2006 21:50:17 From Local :: >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 :: >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 :: >> Firefox/1.5.0.6..Accept: :: >> : text/xml,applic
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and gave no errors/exceptions! But I cannot deploy in this form... ;( SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 10:49 AM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :I tested with Opera successfully! : : Change the format string below in order to get a hex display like: : raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); : : Post the hex value. : : : : Fastream Technologies wrote: : > Hello, : > : > With FF, after msg3, : > : > Sec := FPSFT^.AcceptSecurityContext(@FHCred, : >pHCtx, : >@InBuffDesc, : >ASC_REQ_SEQUENCE_DETECT, // : > context requirements : >SECURITY_NATIVE_DREP, : >@FHCtx, : >@OutBuffDesc, : >ContextAttr, : >Lifetime); : > if Sec < 0 then : > begin // enters here with Sec = -2^31 : > {$IFDEF DEBUG_EXCEPTIONS} : > raise Exception.CreateFmt('Init context failed: %d', : > [Sec]); {$ELSE} : > Result := ''; : > FState := lsDoneErr; : > Exit; : > {$ENDIF} : > end; : > : > Arno, do you have any idea? : > : > Best Regards, : > : > SZ : > : > - Original Message - : > From: "Fastream Technologies" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Thursday, September 14, 2006 8:20 AM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Here is the full log: : >> : >> FireFox 1.5.0.6: : >> : >> 13.09.2006 21:50:09 Connection Opened : >> : >> 13.09.2006 21:50:09 From Local : >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : >> Firefox/1.5.0.6..Accept: : >> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : >> keep-alive : >> : >> 13.09.2006 21:50:09 From Remote : >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content- : >> Length: 629..Content-Type: text/html..Connection: keep- : >> alive..Server: Fastream IQ Reverse Proxy401 : >> Authorization ... : >> : >> 13.09.2006 21:50:17 From Local : >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : >> Firefox/1.5.0.6..Accept: : >> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : >> keep-alive..Authorization: NTLM : >> TlRMTVNTUAABB4IIAAA= : >> : >> 13.09.2006 21:50:17 From Remote : >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : >> TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: : >> 629..Content-Type: text/html..Connection: keep-alive..Server: : >> Fastream IQ Reverse Proxy401 Authorization : >> ... : >> : >> 13.09.2006 21:50:17 From Local : >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : >> Firefox/1.5.0.6..Accept: : >> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : >> keep-alive..Authorization: NTLM : >> TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM= : >> : >> 13.09.2006 21:50:17 From Remote : >> HTTP/1.1 401 Authoriza
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I tested with Opera successfully! Change the format string below in order to get a hex display like: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); Post the hex value. Fastream Technologies wrote: > Hello, > > With FF, after msg3, > > Sec := FPSFT^.AcceptSecurityContext(@FHCred, >pHCtx, >@InBuffDesc, >ASC_REQ_SEQUENCE_DETECT, // > context requirements >SECURITY_NATIVE_DREP, >@FHCtx, >@OutBuffDesc, >ContextAttr, >Lifetime); > if Sec < 0 then > begin // enters here with Sec = -2^31 > {$IFDEF DEBUG_EXCEPTIONS} > raise Exception.CreateFmt('Init context failed: %d', > [Sec]); {$ELSE} > Result := ''; > FState := lsDoneErr; > Exit; > {$ENDIF} > end; > > Arno, do you have any idea? > > Best Regards, > > SZ > > - Original Message - > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Thursday, September 14, 2006 8:20 AM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Here is the full log: >> >> FireFox 1.5.0.6: >> >> 13.09.2006 21:50:09 Connection Opened >> >> 13.09.2006 21:50:09 From Local >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 >> Firefox/1.5.0.6..Accept: >> >> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: >> keep-alive >> >> 13.09.2006 21:50:09 From Remote >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content- >> Length: 629..Content-Type: text/html..Connection: keep- >> alive..Server: Fastream IQ Reverse Proxy401 >> Authorization ... >> >> 13.09.2006 21:50:17 From Local >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 >> Firefox/1.5.0.6..Accept: >> >> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: >> keep-alive..Authorization: NTLM >> TlRMTVNTUAABB4IIAAA= >> >> 13.09.2006 21:50:17 From Remote >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM >> >> TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: >> 629..Content-Type: text/html..Connection: keep-alive..Server: >> Fastream IQ Reverse Proxy401 Authorization >> ... >> >> 13.09.2006 21:50:17 From Local >> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 >> (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 >> Firefox/1.5.0.6..Accept: >> >> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: >> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: >> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: >> keep-alive..Authorization: NTLM >> >> TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM= >> >> 13.09.2006 21:50:17 From Remote >> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM >> ..Content-Length: 629..Content-Type: text/html..Connection: >> keep-alive..Server: Fastream IQ Reverse >> Proxy401 ... >> >> Still asking for password hereForever... >> >> IE6XP: >> >> 13.09.2006 21:48:06 Connection Opened >> >> 13.09.2006 21:48:06 From Local >> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, >> image/pjpeg, application/x-shockw
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello, With FF, after msg3, Sec := FPSFT^.AcceptSecurityContext(@FHCred, pHCtx, @InBuffDesc, ASC_REQ_SEQUENCE_DETECT, // context requirements SECURITY_NATIVE_DREP, @FHCtx, @OutBuffDesc, ContextAttr, Lifetime); if Sec < 0 then begin // enters here with Sec = -2^31 {$IFDEF DEBUG_EXCEPTIONS} raise Exception.CreateFmt('Init context failed: %d', [Sec]); {$ELSE} Result := ''; FState := lsDoneErr; Exit; {$ENDIF} end; Arno, do you have any idea? Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 8:20 AM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Here is the full log: : : FireFox 1.5.0.6: : : 13.09.2006 21:50:09 Connection Opened : : 13.09.2006 21:50:09 From Local : GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : Firefox/1.5.0.6..Accept: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : keep-alive : : 13.09.2006 21:50:09 From Remote : HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: : 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ : Reverse Proxy401 Authorization : ... : : 13.09.2006 21:50:17 From Local : GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : Firefox/1.5.0.6..Accept: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : keep-alive..Authorization: NTLM : TlRMTVNTUAABB4IIAAA= : : 13.09.2006 21:50:17 From Remote : HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: : 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ : Reverse Proxy401 Authorization : ... : : 13.09.2006 21:50:17 From Local : GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : Firefox/1.5.0.6..Accept: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : keep-alive..Authorization: NTLM : TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM= : : 13.09.2006 21:50:17 From Remote : HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : ..Content-Length: 629..Content-Type: text/html..Connection: : keep-alive..Server: Fastream IQ Reverse Proxy401 : ... : : Still asking for password hereForever... : : IE6XP: : : 13.09.2006 21:48:06 Connection Opened : : 13.09.2006 21:48:06 From Local : GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, application/msword, : application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding: : gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT : 5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection: : Keep-Alive..Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D : : 13.09.2006 21:48:06 From Remote : HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: : 629..Content-Type: text/html..Connection: Keep-Alive..Server: Fastream IQ : Reverse Proxy401 Authorization : ... : : 13.09.2006 21:48:06 From Local : GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, : application/x-shockwave-flash, application/vnd.ms-excel, application/msword, : application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding: : gzip, deflate..User-Agent: Mozilla/4.0 (compatib
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Here is the full log: FireFox 1.5.0.6: 13.09.2006 21:50:09 Connection Opened 13.09.2006 21:50:09 From Local GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6..Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive 13.09.2006 21:50:09 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ Reverse Proxy401 Authorization ... 13.09.2006 21:50:17 From Local GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6..Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive..Authorization: NTLM TlRMTVNTUAABB4IIAAA= 13.09.2006 21:50:17 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ Reverse Proxy401 Authorization ... 13.09.2006 21:50:17 From Local GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6..Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive..Authorization: NTLM TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM= 13.09.2006 21:50:17 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM ..Content-Length: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ Reverse Proxy401 ... Still asking for password hereForever... IE6XP: 13.09.2006 21:48:06 Connection Opened 13.09.2006 21:48:06 From Local GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep-Alive..Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D 13.09.2006 21:48:06 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: 629..Content-Type: text/html..Connection: Keep-Alive..Server: Fastream IQ Reverse Proxy401 Authorization ... 13.09.2006 21:48:06 From Local GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep-Alive..Authorization: NTLM TlRMTVNTUAABB7IIogkACQAuBgAGACgFASgKD0xBUFRPUFdPUktHUk9VUA==..Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D 13.09.2006 21:48:06 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM TlRMTVNTUAACDAAMADgFwoqi1rIk+abQsBfodhAAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: 629..Content-Type: text/html..Connection: Keep-Alive..Server: Fastream IQ Reverse Proxy401 Authorization ... 13.09.2006 21:48:06 From Local GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep-Alive..Authorization: NTLM TlRMTVNTUAADAEgASABIAEgASABIBcKIogUBKAoP..Cookie: IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D 13.09.2006 21:48:06 From Remote HTTP/1.1 200 OK..Content-Typ
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Scrive Fastream Technologies <[EMAIL PROTECTED]>: > Hello, > > Here is the problematic FF log: [...] A file version would be better, and of both browser. > The IE6 response has a different WWW-authenticate. If NTLM is like Digest, > then they should not be expected to be similar anyway (due to hashing). But they should not differ in the domain/user part. Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
News! Opera 9.01 available online from www.opera.com supports NTLM! :) Yet the bug also occurs on that software... :( Arno, can you try my exe with Opera? Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 10:46 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : To sum up: we have just one bug/problem left. It is the FF compatibility and : with IE it works fine now. However, Arno claims the code runs well on his : FF1.5.0.6 but the same browser fails here to authenticate. I thought maybe : that's because of my Turkish locale but neither my username nor my password : contains any language-specific characters. Also user "a" with a blank : password also fails. I have just one other browser that is Opera and it does : not support NTLM. I tried with FlashGet and it worked fine in login mode : though. So either this is a FF bug or what? : : Thanks to all who helped me today: Arno, Benjamin, Maurizio and everybody : else who simply took our traffic! : : Best Regards, : : SZ : : - Original Message - : From: "Fastream Technologies" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Wednesday, September 13, 2006 10:04 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Hello, :: :: Here is the problematic FF log: :: :: 13.09.2006 21:50:09 Connection Opened :: :: 13.09.2006 21:50:09 From Local :: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 :: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 :: Firefox/1.5.0.6..Accept: :: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: :: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: :: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: :: keep-alive :: :: 13.09.2006 21:50:09 From Remote :: HTTP/1.1 401 Authorization Required..WWW-Authenticate: : NTLM..Content-Length: :: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ :: Reverse Proxy401 :: ... :: :: 13.09.2006 21:50:17 From Local :: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 :: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 :: Firefox/1.5.0.6..Accept: :: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: :: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: :: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: :: keep-alive..Authorization: NTLM :: TlRMTVNTUAABB4IIAAA= :: :: 13.09.2006 21:50:17 From Remote :: HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM :: : TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: :: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ :: Reverse Proxy401 Authorization :: Required401 :: ... :: :: :: The IE6 response has a different WWW-authenticate. If NTLM is like Digest, :: then they should not be expected to be similar anyway (due to hashing). :: :: Regards, :: :: SZ :: :: - Original Message - :: From: "Maurizio Lotauro" <[EMAIL PROTECTED]> :: To: "ICS support mailing" :: Sent: Wednesday, September 13, 2006 9:06 PM :: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: :: ::: Scrive Fastream Technologies <[EMAIL PROTECTED]>: ::: ::: [...] ::: ::: > Second, I still cannot get the FF to work. I believe this is an issue : at ::: > least some customers would complain if I deploy now, wrong? ::: ::: But does IE work? In that case compare the log made with ethereal. ::: ::: ::: Bye, Maurizio. ::: ::: ::: ::: This mail has been sent using Alpikom webmail system ::: http://www.alpikom.it ::: ::: -- ::: To unsubscribe or change your settings for TWSocket mailing list ::: please goto http://www.elists.org/mailman/listinfo/twsocket ::: Visit our website at http://www.overbyte.be :: :: -- :: To unsubscribe or change your settings for TWSocket mailing list :: please goto http://www.elists.org/mailman/listinfo/twsocket :: Visit our website at http://www.overbyte.be : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
To sum up: we have just one bug/problem left. It is the FF compatibility and with IE it works fine now. However, Arno claims the code runs well on his FF1.5.0.6 but the same browser fails here to authenticate. I thought maybe that's because of my Turkish locale but neither my username nor my password contains any language-specific characters. Also user "a" with a blank password also fails. I have just one other browser that is Opera and it does not support NTLM. I tried with FlashGet and it worked fine in login mode though. So either this is a FF bug or what? Thanks to all who helped me today: Arno, Benjamin, Maurizio and everybody else who simply took our traffic! Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 10:04 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Hello, : : Here is the problematic FF log: : : 13.09.2006 21:50:09 Connection Opened : : 13.09.2006 21:50:09 From Local : GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : Firefox/1.5.0.6..Accept: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : keep-alive : : 13.09.2006 21:50:09 From Remote : HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: : 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ : Reverse Proxy401 : ... : : 13.09.2006 21:50:17 From Local : GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 : (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 : Firefox/1.5.0.6..Accept: : text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: : windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: : keep-alive..Authorization: NTLM : TlRMTVNTUAABB4IIAAA= : : 13.09.2006 21:50:17 From Remote : HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: : 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ : Reverse Proxy401 Authorization : Required401 : ... : : : The IE6 response has a different WWW-authenticate. If NTLM is like Digest, : then they should not be expected to be similar anyway (due to hashing). : : Regards, : : SZ : : - Original Message - : From: "Maurizio Lotauro" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Wednesday, September 13, 2006 9:06 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Scrive Fastream Technologies <[EMAIL PROTECTED]>: :: :: [...] :: :: > Second, I still cannot get the FF to work. I believe this is an issue at :: > least some customers would complain if I deploy now, wrong? :: :: But does IE work? In that case compare the log made with ethereal. :: :: :: Bye, Maurizio. :: :: :: :: This mail has been sent using Alpikom webmail system :: http://www.alpikom.it :: :: -- :: To unsubscribe or change your settings for TWSocket mailing list :: please goto http://www.elists.org/mailman/listinfo/twsocket :: Visit our website at http://www.overbyte.be : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello, Here is the problematic FF log: 13.09.2006 21:50:09 Connection Opened 13.09.2006 21:50:09 From Local GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6..Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive 13.09.2006 21:50:09 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ Reverse Proxy401 ... 13.09.2006 21:50:17 From Local GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6..Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive..Authorization: NTLM TlRMTVNTUAABB4IIAAA= 13.09.2006 21:50:17 From Remote HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ Reverse Proxy401 Authorization Required401 ... The IE6 response has a different WWW-authenticate. If NTLM is like Digest, then they should not be expected to be similar anyway (due to hashing). Regards, SZ - Original Message - From: "Maurizio Lotauro" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 9:06 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Scrive Fastream Technologies <[EMAIL PROTECTED]>: : : [...] : : > Second, I still cannot get the FF to work. I believe this is an issue at : > least some customers would complain if I deploy now, wrong? : : But does IE work? In that case compare the log made with ethereal. : : : Bye, Maurizio. : : : : This mail has been sent using Alpikom webmail system : http://www.alpikom.it : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies schrieb: > > Arno, > > You have the option to enter the NTLM domain name in msg1 of NTLM (base64 > encoded). That's what I mean. I'm not Arno but again, in the browser a domain is only specified in the form domain\user in the user field of the browser's login window *if* the user's account you want to use is in another domain which is trusted by the "server application domain". This is a special case. I think this is not what you are trying to work with, so forget about it for the moment. Normally you may not be able (depends on security settings) to specify another domain in the user field when the server application is running with a user from a different domain than the user's specified domain name, or the server app is using a local user. The auth request may fail then. What sense would it make to use any domain you like? Why should the server trust you? > Second, I still cannot get the FF to work. I believe this is an issue at > least some customers would complain if I deploy now, wrong? > > Regards, > > SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Scrive Fastream Technologies <[EMAIL PROTECTED]>: [...] > Second, I still cannot get the FF to work. I believe this is an issue at > least some customers would complain if I deploy now, wrong? But does IE work? In that case compare the log made with ethereal. Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: >> Arno, >> >> You have the option to enter the NTLM domain name in msg1 of NTLM >> (base64 encoded). That's what I mean. > Again: NTLM message 1 is sent by the the client/browser!! The job was clearly "Implement NTLM support to THttpSrv" and not "make my reverse proxy working with NTLM". --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html > > Second, I still cannot get the FF to work. I believe this is an issue > at least some customers would complain if I deploy now, wrong? > > Regards, > > SZ > > - Original Message - > From: "Stadin, Benjamin" <[EMAIL PROTECTED]> > To: > Sent: Wednesday, September 13, 2006 7:38 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Normally you won't have a reason to use another domain, the server >> appplication uses the domain of the user account it is running with. >> Make sure your application is running with the domain account you >> want to use AND sufficent privileges (needed to query the user >> database). >> >> You have to give a domain user using domain\user - if, an only if, >> the server >> you're sending this information to is in *another* domain (with >> domain trustship) than the server application is working with. >> >> So that's necessary when domains are set up to trust each other. The >> Outlook web access I'm writing this email from prompts only for user >> name and password. I use this webmailer for years and it has always >> be the same, it looks the same with every browser that supports NTLM >> auth (IE, Firefox, konqueror, countless others on Unix and Solaris). >> >> I give you an example: >> My user account is in the default domain "g" where the server is in, >> but other users from a domain (ie "d") that is trusted by domain "g" >> have to write d\myusername. The difference is that Windows will >> query the trusted domain instead to look in it's own user database. >> Only in this special case you need to specify another domain. >> >> - You will need hm... I don't remember ...years ago.. (not admin >> rights but at least "helper" privileges) to be able to query for >> other domain users than yourself. It's the credentials from the >> logged in (server) application user, if you are running with a local >> account you won't be able to query the domain controller. >> - You can *not* just give specify another domain in the user field >> if the serevrs are not set up to trust each other >> - You can also *not* authenticate users of another trusted domain, >> if you use trusted domains, without your application user having >> privileges in every of the trusted domains >> >> Benjamin Stadin >> >> >> Fastream Technologies schrieb: >>> >>> Ok, thank you for tolerating my insistence. I am trying to >>> understand. >>> >>> There is just one issue left: under IE6XP, when I log in, I am not >>> asked of any NTLM-domain name! And assuming that it is like IE-FTP >>> client, I cannot find the log in change option in any menu! Does >>> anybody know the logic behind this? I have seen the words of >>> Francois but I am opting for just the opposite--instead of auto >>> logging in, I want the _option_ to be able to select the NTLM- >>> domain. >>> >>> Best Regards, >>> >>> SZ >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ok. I am trying to understand why the FF does not work... - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 8:05 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Arno, : > : > You have the option to enter the NTLM domain name in msg1 of NTLM : > (base64 encoded). That's what I mean. : : Again: NTLM message 1 is sent by the the client/browser!! : : : > : > Second, I still cannot get the FF to work. I believe this is an issue : > at least some customers would complain if I deploy now, wrong? : > : > Regards, : > : > SZ : > : > - Original Message - : > From: "Stadin, Benjamin" <[EMAIL PROTECTED]> : > To: : > Sent: Wednesday, September 13, 2006 7:38 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Normally you won't have a reason to use another domain, the server : >> appplication uses the domain of the user account it is running with. : >> Make sure your application is running with the domain account you : >> want to use AND sufficent privileges (needed to query the user : >> database). : >> : >> You have to give a domain user using domain\user - if, an only if, : >> the server : >> you're sending this information to is in *another* domain (with : >> domain trustship) than the server application is working with. : >> : >> So that's necessary when domains are set up to trust each other. The : >> Outlook web access I'm writing this email from prompts only for user : >> name and password. I use this webmailer for years and it has always : >> be the same, it looks the same with every browser that supports NTLM : >> auth (IE, Firefox, konqueror, countless others on Unix and Solaris). : >> : >> I give you an example: : >> My user account is in the default domain "g" where the server is in, : >> but other users from a domain (ie "d") that is trusted by domain "g" : >> have to write d\myusername. The difference is that Windows will : >> query the trusted domain instead to look in it's own user database. : >> Only in this special case you need to specify another domain. : >> : >> - You will need hm... I don't remember ...years ago.. (not admin : >> rights but at least "helper" privileges) to be able to query for : >> other domain users than yourself. It's the credentials from the : >> logged in (server) application user, if you are running with a local : >> account you won't be able to query the domain controller. : >> - You can *not* just give specify another domain in the user field : >> if the serevrs are not set up to trust each other : >> - You can also *not* authenticate users of another trusted domain, : >> if you use trusted domains, without your application user having : >> privileges in every of the trusted domains : >> : >> Benjamin Stadin : >> : >> : >> : >> Fastream Technologies schrieb: : >>> : >>> Ok, thank you for tolerating my insistence. I am trying to : >>> understand. : >>> : >>> There is just one issue left: under IE6XP, when I log in, I am not : >>> asked of any NTLM-domain name! And assuming that it is like IE-FTP : >>> client, I cannot find the log in change option in any menu! Does : >>> anybody know the logic behind this? I have seen the words of : >>> Francois but I am opting for just the opposite--instead of auto : >>> logging in, I want the _option_ to be able to select the NTLM- : >>> domain. : >>> : >>> Best Regards, : >>> : >>> SZ : >> : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Arno, > > You have the option to enter the NTLM domain name in msg1 of NTLM > (base64 encoded). That's what I mean. Again: NTLM message 1 is sent by the the client/browser!! > > Second, I still cannot get the FF to work. I believe this is an issue > at least some customers would complain if I deploy now, wrong? > > Regards, > > SZ > > - Original Message - > From: "Stadin, Benjamin" <[EMAIL PROTECTED]> > To: > Sent: Wednesday, September 13, 2006 7:38 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Normally you won't have a reason to use another domain, the server >> appplication uses the domain of the user account it is running with. >> Make sure your application is running with the domain account you >> want to use AND sufficent privileges (needed to query the user >> database). >> >> You have to give a domain user using domain\user - if, an only if, >> the server >> you're sending this information to is in *another* domain (with >> domain trustship) than the server application is working with. >> >> So that's necessary when domains are set up to trust each other. The >> Outlook web access I'm writing this email from prompts only for user >> name and password. I use this webmailer for years and it has always >> be the same, it looks the same with every browser that supports NTLM >> auth (IE, Firefox, konqueror, countless others on Unix and Solaris). >> >> I give you an example: >> My user account is in the default domain "g" where the server is in, >> but other users from a domain (ie "d") that is trusted by domain "g" >> have to write d\myusername. The difference is that Windows will >> query the trusted domain instead to look in it's own user database. >> Only in this special case you need to specify another domain. >> >> - You will need hm... I don't remember ...years ago.. (not admin >> rights but at least "helper" privileges) to be able to query for >> other domain users than yourself. It's the credentials from the >> logged in (server) application user, if you are running with a local >> account you won't be able to query the domain controller. >> - You can *not* just give specify another domain in the user field >> if the serevrs are not set up to trust each other >> - You can also *not* authenticate users of another trusted domain, >> if you use trusted domains, without your application user having >> privileges in every of the trusted domains >> >> Benjamin Stadin >> >> >> >> Fastream Technologies schrieb: >>> >>> Ok, thank you for tolerating my insistence. I am trying to >>> understand. >>> >>> There is just one issue left: under IE6XP, when I log in, I am not >>> asked of any NTLM-domain name! And assuming that it is like IE-FTP >>> client, I cannot find the log in change option in any menu! Does >>> anybody know the logic behind this? I have seen the words of >>> Francois but I am opting for just the opposite--instead of auto >>> logging in, I want the _option_ to be able to select the NTLM- >>> domain. >>> >>> Best Regards, >>> >>> SZ >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Scrive Fastream Technologies <[EMAIL PROTECTED]>: > I think there is a misundestanding. Yes that's what the page says and I > mean: the "msg" contains the domain BUT in your code, the FF displays domain > > as "" (null). That needs to be fixed. At least "localhost" or "127.0.0.1" > should be displayed there. Why? A domain name is not the name of a PC nor an IP address. Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Arno, You have the option to enter the NTLM domain name in msg1 of NTLM (base64 encoded). That's what I mean. Second, I still cannot get the FF to work. I believe this is an issue at least some customers would complain if I deploy now, wrong? Regards, SZ - Original Message - From: "Stadin, Benjamin" <[EMAIL PROTECTED]> To: Sent: Wednesday, September 13, 2006 7:38 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Normally you won't have a reason to use another domain, the server : appplication uses the domain of the user account it is running with. : Make sure your application is running with the domain account you want to : use AND sufficent privileges (needed to query the user database). : : You have to give a domain user using domain\user - if, an only if, the : server : you're sending this information to is in *another* domain (with domain : trustship) than the server application is working with. : : So that's necessary when domains are set up to trust each other. The Outlook : web access I'm writing this email from prompts only for user name and : password. I use this webmailer for years and it has always be the same, it : looks the same with every browser that supports NTLM auth (IE, Firefox, : konqueror, countless others on Unix and Solaris). : : I give you an example: : My user account is in the default domain "g" where the server is in, but : other users from a domain (ie "d") that is trusted by domain "g" have to : write d\myusername. The difference is that Windows will query the trusted : domain instead to look in it's own user database. Only in this special case : you need to specify another domain. : : - You will need hm... I don't remember ...years ago.. (not admin rights but : at least "helper" privileges) to be able to query for other domain users : than yourself. It's the credentials from the logged in (server) application : user, if you are running with a local account you won't be able to query the : domain controller. : - You can *not* just give specify another domain in the user field if the : serevrs are not set up to trust each other : - You can also *not* authenticate users of another trusted domain, if you : use trusted domains, without your application user having privileges in : every of the trusted domains : : Benjamin Stadin : : : : Fastream Technologies schrieb: : > : > Ok, thank you for tolerating my insistence. I am trying to understand. : > : > There is just one issue left: under IE6XP, when I log in, I am not asked : of : > any NTLM-domain name! And assuming that it is like IE-FTP client, I cannot : > find the log in change option in any menu! Does anybody know the logic : > behind this? I have seen the words of Francois but I am opting for just : the : > opposite--instead of auto logging in, I want the _option_ to be able to : > select the NTLM-domain. : > : > Best Regards, : > : > SZ : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Ok but let's say the server is running on multiple domains using a > domain > controller. Then I guess that the default authenticating authority will be the DC, someone needs to test that, anybody out there with a domain environment? > At simplest, a normal domain and the local domain. I've never heard of a local domain, either your webserver box is a member of a domain or it is a standalone box (in this case you have to ensure that any account is locally, physically available on the webserver box). > How > does the > client decides which one of them to log on to? The client cannot know that in the firstplace, it only gets the WWW-Authenticate headers, they do not include any domain information. And why don't you fill > in the > domain field in the NTLM msg 1? I don't fill it in, the client fills it in!! > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 7:25 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Ok, thank you for tolerating my insistence. I am trying to >> understand. >> >> There is just one issue left: under IE6XP, when I log in, I am not >> asked of >> any NTLM-domain name! > > Because there's no Domain information anywhere, The server just sends > HTTP header "WWW-Athenticate: NTLM". The client the initiates > NTLM authentication by sending the NTLM message 1 (which has a domain > field, but that's mostly not filled) > > >> And assuming that it is like IE-FTP client, I >> cannot >> find the log in change option in any menu! Does anybody know the >> logic behind this? I have seen the words of Francois but I am opting >> for just the >> opposite--instead of auto logging in, I want the _option_ to be able >> to >> select the NTLM-domain. >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 6:48 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> I mean the base64 message not the HTTP header. >> >> I'll give it up soon... >> THIS IS A CLIENT ISSUE!! >> The same happens when you try to access a protected page on >> IIS. >> >>> >>> >>> Again, >>> >>> I think there is a misunderstanding. Yes that's what the page says >>> and I >>> mean: the "msg" contains the domain BUT in your code, the FF >>> displays domain >>> as "" (null). That needs to be fixed. At least "localhost" or >>> "127.0.0.1" >>> should be displayed there. >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 6:36 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>> Fastream Technologies wrote: >>>> I do not believe the empty domain implementation is correct!! >>> >>> What do you mean by that? A missing Domain HTTP header field? >>> At least in my environment both IE as IIS do not sent any HTTP >>> Domain header. AND M$ invented NTLM, it is undocumented. >>> >>>> Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 5:59 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>> Fastream Technologies wrote: >>>>> Hello Arno and Francois, >>>>> >>>>> I cannot debug Arno's demo: It stops at breakpoints but does not >>>>> let me >>>>> inspect: >>>> >>>> AFAIK it's not possible to do that, and BTW I don't believe your >>>> problem >>>> has to do with the ICS server. IE works for you, right? You may try >>>> Netscape >>>> as well. >>>> >>>> >>>>> >>>>> ht
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Thank you for the explanation Benjamin! I got it now. BTW, one note for others: Opera does not support NTLM. :( - Original Message - From: "Stadin, Benjamin" <[EMAIL PROTECTED]> To: Sent: Wednesday, September 13, 2006 7:38 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Normally you won't have a reason to use another domain, the server : appplication uses the domain of the user account it is running with. : Make sure your application is running with the domain account you want to : use AND sufficent privileges (needed to query the user database). : : You have to give a domain user using domain\user - if, an only if, the : server : you're sending this information to is in *another* domain (with domain : trustship) than the server application is working with. : : So that's necessary when domains are set up to trust each other. The Outlook : web access I'm writing this email from prompts only for user name and : password. I use this webmailer for years and it has always be the same, it : looks the same with every browser that supports NTLM auth (IE, Firefox, : konqueror, countless others on Unix and Solaris). : : I give you an example: : My user account is in the default domain "g" where the server is in, but : other users from a domain (ie "d") that is trusted by domain "g" have to : write d\myusername. The difference is that Windows will query the trusted : domain instead to look in it's own user database. Only in this special case : you need to specify another domain. : : - You will need hm... I don't remember ...years ago.. (not admin rights but : at least "helper" privileges) to be able to query for other domain users : than yourself. It's the credentials from the logged in (server) application : user, if you are running with a local account you won't be able to query the : domain controller. : - You can *not* just give specify another domain in the user field if the : serevrs are not set up to trust each other : - You can also *not* authenticate users of another trusted domain, if you : use trusted domains, without your application user having privileges in : every of the trusted domains : : Benjamin Stadin : : : : Fastream Technologies schrieb: : > : > Ok, thank you for tolerating my insistence. I am trying to understand. : > : > There is just one issue left: under IE6XP, when I log in, I am not asked : of : > any NTLM-domain name! And assuming that it is like IE-FTP client, I cannot : > find the log in change option in any menu! Does anybody know the logic : > behind this? I have seen the words of Francois but I am opting for just : the : > opposite--instead of auto logging in, I want the _option_ to be able to : > select the NTLM-domain. : > : > Best Regards, : > : > SZ : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Normally you won't have a reason to use another domain, the server appplication uses the domain of the user account it is running with. Make sure your application is running with the domain account you want to use AND sufficent privileges (needed to query the user database). You have to give a domain user using domain\user - if, an only if, the server you're sending this information to is in *another* domain (with domain trustship) than the server application is working with. So that's necessary when domains are set up to trust each other. The Outlook web access I'm writing this email from prompts only for user name and password. I use this webmailer for years and it has always be the same, it looks the same with every browser that supports NTLM auth (IE, Firefox, konqueror, countless others on Unix and Solaris). I give you an example: My user account is in the default domain "g" where the server is in, but other users from a domain (ie "d") that is trusted by domain "g" have to write d\myusername. The difference is that Windows will query the trusted domain instead to look in it's own user database. Only in this special case you need to specify another domain. - You will need hm... I don't remember ...years ago.. (not admin rights but at least "helper" privileges) to be able to query for other domain users than yourself. It's the credentials from the logged in (server) application user, if you are running with a local account you won't be able to query the domain controller. - You can *not* just give specify another domain in the user field if the serevrs are not set up to trust each other - You can also *not* authenticate users of another trusted domain, if you use trusted domains, without your application user having privileges in every of the trusted domains Benjamin Stadin Fastream Technologies schrieb: > > Ok, thank you for tolerating my insistence. I am trying to understand. > > There is just one issue left: under IE6XP, when I log in, I am not asked of > any NTLM-domain name! And assuming that it is like IE-FTP client, I cannot > find the log in change option in any menu! Does anybody know the logic > behind this? I have seen the words of Francois but I am opting for just the > opposite--instead of auto logging in, I want the _option_ to be able to > select the NTLM-domain. > > Best Regards, > > SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ok but let's say the server is running on multiple domains using a domain controller. At simplest, a normal domain and the local domain. How does the client decides which one of them to log on to? And why don't you fill in the domain field in the NTLM msg 1? Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 7:25 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > Ok, thank you for tolerating my insistence. I am trying to understand. > > There is just one issue left: under IE6XP, when I log in, I am not > asked of > any NTLM-domain name! Because there's no Domain information anywhere, The server just sends HTTP header "WWW-Athenticate: NTLM". The client the initiates NTLM authentication by sending the NTLM message 1 (which has a domain field, but that's mostly not filled) > And assuming that it is like IE-FTP client, I > cannot > find the log in change option in any menu! Does anybody know the logic > behind this? I have seen the words of Francois but I am opting for > just the > opposite--instead of auto logging in, I want the _option_ to be able > to > select the NTLM-domain. > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 6:48 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> I mean the base64 message not the HTTP header. > > I'll give it up soon... > THIS IS A CLIENT ISSUE!! > The same happens when you try to access a protected page on > IIS. > >> >> >> Again, >> >> I think there is a misunderstanding. Yes that's what the page says >> and I >> mean: the "msg" contains the domain BUT in your code, the FF displays >> domain >> as "" (null). That needs to be fixed. At least "localhost" or >> "127.0.0.1" >> should be displayed there. >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 6:36 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> I do not believe the empty domain implementation is correct!! >> >> What do you mean by that? A missing Domain HTTP header field? >> At least in my environment both IE as IIS do not sent any HTTP Domain >> header. AND M$ invented NTLM, it is undocumented. >> >>> Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 5:59 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>> Fastream Technologies wrote: >>>> Hello Arno and Francois, >>>> >>>> I cannot debug Arno's demo: It stops at breakpoints but does not >>>> let me >>>> inspect: >>> >>> AFAIK it's not possible to do that, and BTW I don't believe your >>> problem >>> has to do with the ICS server. IE works for you, right? You may try >>> Netscape >>> as well. >>> >>> >>>> >>>> http://www.fastream.com/ics/arnoscreenshot2.png >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 5:10 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>> Fastream Technologies wrote: >>>>> Ok. It is not related with port. One idea: my Windows username >>>>> includes a space. Could this matter? >>>> >>>> Why don't you create a new account w/o a space and try that out by >>>> yourself? >>>> I created one including a space as well as including German >>>> spezific characters above 128 such as so called Umlauts like Ü,ü, >>>> and ß which is another form of ss. >>>> >>>> >>>>> Should there be made any >>&
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Ok, thank you for tolerating my insistence. I am trying to understand. > > There is just one issue left: under IE6XP, when I log in, I am not > asked of > any NTLM-domain name! Because there's no Domain information anywhere, The server just sends HTTP header "WWW-Athenticate: NTLM". The client the initiates NTLM authentication by sending the NTLM message 1 (which has a domain field, but that's mostly not filled) > And assuming that it is like IE-FTP client, I > cannot > find the log in change option in any menu! Does anybody know the logic > behind this? I have seen the words of Francois but I am opting for > just the > opposite--instead of auto logging in, I want the _option_ to be able > to > select the NTLM-domain. > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 6:48 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> I mean the base64 message not the HTTP header. > > I'll give it up soon... > THIS IS A CLIENT ISSUE!! > The same happens when you try to access a protected page on > IIS. > >> >> >> Again, >> >> I think there is a misunderstanding. Yes that's what the page says >> and I >> mean: the "msg" contains the domain BUT in your code, the FF displays >> domain >> as "" (null). That needs to be fixed. At least "localhost" or >> "127.0.0.1" >> should be displayed there. >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 6:36 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> I do not believe the empty domain implementation is correct!! >> >> What do you mean by that? A missing Domain HTTP header field? >> At least in my environment both IE as IIS do not sent any HTTP Domain >> header. AND M$ invented NTLM, it is undocumented. >> >>> Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 5:59 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>> Fastream Technologies wrote: >>>> Hello Arno and Francois, >>>> >>>> I cannot debug Arno's demo: It stops at breakpoints but does not >>>> let me >>>> inspect: >>> >>> AFAIK it's not possible to do that, and BTW I don't believe your >>> problem >>> has to do with the ICS server. IE works for you, right? You may try >>> Netscape >>> as well. >>> >>> >>>> >>>> http://www.fastream.com/ics/arnoscreenshot2.png >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 5:10 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>> Fastream Technologies wrote: >>>>> Ok. It is not related with port. One idea: my Windows username >>>>> includes a space. Could this matter? >>>> >>>> Why don't you create a new account w/o a space and try that out by >>>> yourself? >>>> I created one including a space as well as including German >>>> spezific characters above 128 such as so called Umlauts like Ü,ü, >>>> and ß which is another form of ss. >>>> >>>> >>>>> Should there be made any >>>>> encoding/decoding? >>>>> >>>>> Best Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 4:53 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NT
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ok, thank you for tolerating my insistence. I am trying to understand. There is just one issue left: under IE6XP, when I log in, I am not asked of any NTLM-domain name! And assuming that it is like IE-FTP client, I cannot find the log in change option in any menu! Does anybody know the logic behind this? I have seen the words of Francois but I am opting for just the opposite--instead of auto logging in, I want the _option_ to be able to select the NTLM-domain. Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 6:48 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > I mean the base64 message not the HTTP header. I'll give it up soon... THIS IS A CLIENT ISSUE!! The same happens when you try to access a protected page on IIS. > > > Again, > > I think there is a misunderstanding. Yes that's what the page says > and I > mean: the "msg" contains the domain BUT in your code, the FF displays > domain > as "" (null). That needs to be fixed. At least "localhost" or > "127.0.0.1" > should be displayed there. > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 6:36 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> I do not believe the empty domain implementation is correct!! > > What do you mean by that? A missing Domain HTTP header field? > At least in my environment both IE as IIS do not sent any HTTP Domain > header. AND M$ invented NTLM, it is undocumented. > >> Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:59 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Hello Arno and Francois, >>> >>> I cannot debug Arno's demo: It stops at breakpoints but does not let >>> me >>> inspect: >> >> AFAIK it's not possible to do that, and BTW I don't believe your >> problem >> has to do with the ICS server. IE works for you, right? You may try >> Netscape >> as well. >> >> >>> >>> http://www.fastream.com/ics/arnoscreenshot2.png >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 5:10 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>> Fastream Technologies wrote: >>>> Ok. It is not related with port. One idea: my Windows username >>>> includes a space. Could this matter? >>> >>> Why don't you create a new account w/o a space and try that out by >>> yourself? >>> I created one including a space as well as including German spezific >>> characters above 128 such as so called Umlauts like Ü,ü, and ß which >>> is another form of ss. >>> >>> >>>> Should there be made any >>>> encoding/decoding? >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:53 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Did you try a non-80 port? >>>>> >>>>> No I haven't, have you tried the standard port? >>>>> >>>>>> Maybe that requires a domain in the header? >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > I mean the base64 message not the HTTP header. I'll give it up soon... THIS IS A CLIENT ISSUE!! The same happens when you try to access a protected page on IIS. > > > Again, > > I think there is a misunderstanding. Yes that's what the page says > and I > mean: the "msg" contains the domain BUT in your code, the FF displays > domain > as "" (null). That needs to be fixed. At least "localhost" or > "127.0.0.1" > should be displayed there. > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 6:36 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> I do not believe the empty domain implementation is correct!! > > What do you mean by that? A missing Domain HTTP header field? > At least in my environment both IE as IIS do not sent any HTTP Domain > header. AND M$ invented NTLM, it is undocumented. > >> Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:59 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Hello Arno and Francois, >>> >>> I cannot debug Arno's demo: It stops at breakpoints but does not let >>> me >>> inspect: >> >> AFAIK it's not possible to do that, and BTW I don't believe your >> problem >> has to do with the ICS server. IE works for you, right? You may try >> Netscape >> as well. >> >> >>> >>> http://www.fastream.com/ics/arnoscreenshot2.png >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 5:10 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>> Fastream Technologies wrote: >>>> Ok. It is not related with port. One idea: my Windows username >>>> includes a space. Could this matter? >>> >>> Why don't you create a new account w/o a space and try that out by >>> yourself? >>> I created one including a space as well as including German spezific >>> characters above 128 such as so called Umlauts like Ü,ü, and ß which >>> is another form of ss. >>> >>> >>>> Should there be made any >>>> encoding/decoding? >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:53 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Did you try a non-80 port? >>>>> >>>>> No I haven't, have you tried the standard port? >>>>> >>>>>> Maybe that requires a domain in the header? >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> Hello Arno and Everybody, >>>>>>>> >>>>>>>> Could you look at this screenshot carefully: >>>>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>>>> >>>>>>>> This is Arno's demo compiled with BCB2k6 and running on a >>>>>>>> Windows XP Pro with no domain controller and just a work group. >>>>>>>> It does not let >>>>>>>> me authenticate and there is no domain information--both not >>>>>>>> stated ("") and asked for!
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I mean the base64 message not the HTTP header. Again, I think there is a misunderstanding. Yes that's what the page says and I mean: the "msg" contains the domain BUT in your code, the FF displays domain as "" (null). That needs to be fixed. At least "localhost" or "127.0.0.1" should be displayed there. - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 6:36 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > I do not believe the empty domain implementation is correct!! What do you mean by that? A missing Domain HTTP header field? At least in my environment both IE as IIS do not sent any HTTP Domain header. AND M$ invented NTLM, it is undocumented. > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:59 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Hello Arno and Francois, >> >> I cannot debug Arno's demo: It stops at breakpoints but does not let >> me >> inspect: > > AFAIK it's not possible to do that, and BTW I don't believe your > problem > has to do with the ICS server. IE works for you, right? You may try > Netscape > as well. > > >> >> http://www.fastream.com/ics/arnoscreenshot2.png >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:10 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Ok. It is not related with port. One idea: my Windows username >>> includes a space. Could this matter? >> >> Why don't you create a new account w/o a space and try that out by >> yourself? >> I created one including a space as well as including German spezific >> characters above 128 such as so called Umlauts like Ü,ü, and ß which >> is another form of ss. >> >> >>> Should there be made any >>> encoding/decoding? >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:53 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Did you try a non-80 port? >>>> >>>> No I haven't, have you tried the standard port? >>>> >>>>> Maybe that requires a domain in the header? >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> Hello Arno and Everybody, >>>>>>> >>>>>>> Could you look at this screenshot carefully: >>>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>>> >>>>>>> This is Arno's demo compiled with BCB2k6 and running on a >>>>>>> Windows XP Pro with no domain controller and just a work group. >>>>>>> It does not let >>>>>>> me authenticate and there is no domain information--both not >>>>>>> stated ("") and asked for! >>>>>> >>>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>>> successfully. Sure the account must be on the same box. >>>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>>> >>>>>> >>>>>>> >>>>>>> Best Regards, >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > as "" (null). That needs to be fixed. At least "localhost" or > "127.0.0.1" > should be displayed there. Ask the FireFox developer to fix it. > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 6:27 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Hello, >> >> In this site: http://www.innovation.ch/personal/ronald/ntlm.html the >> domain >> names (both the HTTP and NTLM domains) are said to be transmitted in >> the >> base64 encoding msgs. > > Where have you read that? Give us a search string, not everybody is > willing > to study the this page from the beginning. > > Domain fields exists in the NTLM messages, not in any other HTTP > header. > AND I've never seen a client/browser that fills the Domain field in > NTLM > message 1. > > > Could you check this out? I do not believe the >> empty >> domain implementation is correct!! >> >> Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:59 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Hello Arno and Francois, >>> >>> I cannot debug Arno's demo: It stops at breakpoints but does not let >>> me >>> inspect: >> >> AFAIK it's not possible to do that, and BTW I don't believe your >> problem >> has to do with the ICS server. IE works for you, right? You may try >> Netscape >> as well. >> >> >>> >>> http://www.fastream.com/ics/arnoscreenshot2.png >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 5:10 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>> Fastream Technologies wrote: >>>> Ok. It is not related with port. One idea: my Windows username >>>> includes a space. Could this matter? >>> >>> Why don't you create a new account w/o a space and try that out by >>> yourself? >>> I created one including a space as well as including German spezific >>> characters above 128 such as so called Umlauts like Ü,ü, and ß which >>> is another form of ss. >>> >>> >>>> Should there be made any >>>> encoding/decoding? >>>> >>>> Best Regards, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:53 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Did you try a non-80 port? >>>>> >>>>> No I haven't, have you tried the standard port? >>>>> >>>>>> Maybe that requires a domain in the header? >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> Hello Arno and Everybody, >>>>>>>> >>>>>>>> Could you look at this screenshot carefully: >>>>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>>>> >>>>>>>> This is Arno's demo compiled with BCB2k6 and running on a >>>>>>>> Windows XP Pro with no domain controller and just a work group. >>>>>>>> It does not let >>>>>>>> me authenticate and there is no domain informat
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > I do not believe the empty domain implementation is correct!! What do you mean by that? A missing Domain HTTP header field? At least in my environment both IE as IIS do not sent any HTTP Domain header. AND M$ invented NTLM, it is undocumented. > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:59 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Hello Arno and Francois, >> >> I cannot debug Arno's demo: It stops at breakpoints but does not let >> me >> inspect: > > AFAIK it's not possible to do that, and BTW I don't believe your > problem > has to do with the ICS server. IE works for you, right? You may try > Netscape > as well. > > >> >> http://www.fastream.com/ics/arnoscreenshot2.png >> >> Best Regards, >> >> SZ >> >> - Original Message ----- >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:10 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Ok. It is not related with port. One idea: my Windows username >>> includes a space. Could this matter? >> >> Why don't you create a new account w/o a space and try that out by >> yourself? >> I created one including a space as well as including German spezific >> characters above 128 such as so called Umlauts like Ü,ü, and ß which >> is another form of ss. >> >> >>> Should there be made any >>> encoding/decoding? >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:53 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Did you try a non-80 port? >>>> >>>> No I haven't, have you tried the standard port? >>>> >>>>> Maybe that requires a domain in the header? >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> Hello Arno and Everybody, >>>>>>> >>>>>>> Could you look at this screenshot carefully: >>>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>>> >>>>>>> This is Arno's demo compiled with BCB2k6 and running on a >>>>>>> Windows XP Pro with no domain controller and just a work group. >>>>>>> It does not let >>>>>>> me authenticate and there is no domain information--both not >>>>>>> stated ("") and asked for! >>>>>> >>>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>>> successfully. Sure the account must be on the same box. >>>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>>> >>>>>> >>>>>>> >>>>>>> Best Regards, >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>> question) >>>>>>> >>>>>>> >>>>>>>> Fastream Technologies wrote: >>>>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>>>> >>>>>>>> BTW
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I think there is a misundestanding. Yes that's what the page says and I mean: the "msg" contains the domain BUT in your code, the FF displays domain as "" (null). That needs to be fixed. At least "localhost" or "127.0.0.1" should be displayed there. - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 6:27 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > Hello, > > In this site: http://www.innovation.ch/personal/ronald/ntlm.html the > domain > names (both the HTTP and NTLM domains) are said to be transmitted in > the > base64 encoding msgs. Where have you read that? Give us a search string, not everybody is willing to study the this page from the beginning. Domain fields exists in the NTLM messages, not in any other HTTP header. AND I've never seen a client/browser that fills the Domain field in NTLM message 1. Could you check this out? I do not believe the > empty > domain implementation is correct!! > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:59 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Hello Arno and Francois, >> >> I cannot debug Arno's demo: It stops at breakpoints but does not let >> me >> inspect: > > AFAIK it's not possible to do that, and BTW I don't believe your > problem > has to do with the ICS server. IE works for you, right? You may try > Netscape > as well. > > >> >> http://www.fastream.com/ics/arnoscreenshot2.png >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:10 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Ok. It is not related with port. One idea: my Windows username >>> includes a space. Could this matter? >> >> Why don't you create a new account w/o a space and try that out by >> yourself? >> I created one including a space as well as including German spezific >> characters above 128 such as so called Umlauts like Ü,ü, and ß which >> is another form of ss. >> >> >>> Should there be made any >>> encoding/decoding? >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:53 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Did you try a non-80 port? >>>> >>>> No I haven't, have you tried the standard port? >>>> >>>>> Maybe that requires a domain in the header? >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> Hello Arno and Everybody, >>>>>>> >>>>>>> Could you look at this screenshot carefully: >>>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>>> >>>>>>> This is Arno's demo compiled with BCB2k6 and running on a >>>>>>> Windows XP Pro with no domain controller and just a work group. >>>>>>> It does not let >>>>>>> me authenticate and there is no domain information--both not >>>>>>> stated ("") and asked for! >>>>>> >>>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>>> successfully. Sure the account must be on the same box. >>>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>>> >>>>>> >>>>>>> &
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Hello, > > In this site: http://www.innovation.ch/personal/ronald/ntlm.html the > domain > names (both the HTTP and NTLM domains) are said to be transmitted in > the > base64 encoding msgs. Where have you read that? Give us a search string, not everybody is willing to study the this page from the beginning. Domain fields exists in the NTLM messages, not in any other HTTP header. AND I've never seen a client/browser that fills the Domain field in NTLM message 1. Could you check this out? I do not believe the > empty > domain implementation is correct!! > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:59 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Hello Arno and Francois, >> >> I cannot debug Arno's demo: It stops at breakpoints but does not let >> me >> inspect: > > AFAIK it's not possible to do that, and BTW I don't believe your > problem > has to do with the ICS server. IE works for you, right? You may try > Netscape > as well. > > >> >> http://www.fastream.com/ics/arnoscreenshot2.png >> >> Best Regards, >> >> SZ >> >> ----- Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 5:10 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >> Fastream Technologies wrote: >>> Ok. It is not related with port. One idea: my Windows username >>> includes a space. Could this matter? >> >> Why don't you create a new account w/o a space and try that out by >> yourself? >> I created one including a space as well as including German spezific >> characters above 128 such as so called Umlauts like Ü,ü, and ß which >> is another form of ss. >> >> >>> Should there be made any >>> encoding/decoding? >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:53 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Did you try a non-80 port? >>>> >>>> No I haven't, have you tried the standard port? >>>> >>>>> Maybe that requires a domain in the header? >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> Hello Arno and Everybody, >>>>>>> >>>>>>> Could you look at this screenshot carefully: >>>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>>> >>>>>>> This is Arno's demo compiled with BCB2k6 and running on a >>>>>>> Windows XP Pro with no domain controller and just a work group. >>>>>>> It does not let >>>>>>> me authenticate and there is no domain information--both not >>>>>>> stated ("") and asked for! >>>>>> >>>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>>> successfully. Sure the account must be on the same box. >>>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>>> >>>>>> >>>>>>> >>>>>>> Best Regards, >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NT
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
IE makes some assumptions which is not the correct way to test against server software! - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 5:59 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > Hello Arno and Francois, > > I cannot debug Arno's demo: It stops at breakpoints but does not let > me > inspect: AFAIK it's not possible to do that, and BTW I don't believe your problem has to do with the ICS server. IE works for you, right? You may try Netscape as well. > > http://www.fastream.com/ics/arnoscreenshot2.png > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:10 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Ok. It is not related with port. One idea: my Windows username >> includes a space. Could this matter? > > Why don't you create a new account w/o a space and try that out by > yourself? > I created one including a space as well as including German spezific > characters above 128 such as so called Umlauts like Ü,ü, and ß which > is another form of ss. > > >> Should there be made any >> encoding/decoding? >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 4:53 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Did you try a non-80 port? >>> >>> No I haven't, have you tried the standard port? >>> >>>> Maybe that requires a domain in the header? >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Hello Arno and Everybody, >>>>>> >>>>>> Could you look at this screenshot carefully: >>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>> >>>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>>> XP Pro with no domain controller and just a work group. >>>>>> It does not let >>>>>> me authenticate and there is no domain information--both not >>>>>> stated ("") and asked for! >>>>> >>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>> successfully. Sure the account must be on the same box. >>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>> >>>>> >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>>> >>>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>>> is most likely not the problem here. >>>>>>> >>>>>>>> >>>>>>>> - Original Message - >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>>> To: "ICS support mailing" >>>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>>> question) >>>>>>>> >>>>>>>> >>>>>>>>> Fastream Technologies wro
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello, In this site: http://www.innovation.ch/personal/ronald/ntlm.html the domain names (both the HTTP and NTLM domains) are said to be transmitted in the base64 encoding msgs. Could you check this out? I do not believe the empty domain implementation is correct!! Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 5:59 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > Hello Arno and Francois, > > I cannot debug Arno's demo: It stops at breakpoints but does not let > me > inspect: AFAIK it's not possible to do that, and BTW I don't believe your problem has to do with the ICS server. IE works for you, right? You may try Netscape as well. > > http://www.fastream.com/ics/arnoscreenshot2.png > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:10 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Ok. It is not related with port. One idea: my Windows username >> includes a space. Could this matter? > > Why don't you create a new account w/o a space and try that out by > yourself? > I created one including a space as well as including German spezific > characters above 128 such as so called Umlauts like Ü,ü, and ß which > is another form of ss. > > >> Should there be made any >> encoding/decoding? >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 4:53 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Did you try a non-80 port? >>> >>> No I haven't, have you tried the standard port? >>> >>>> Maybe that requires a domain in the header? >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Hello Arno and Everybody, >>>>>> >>>>>> Could you look at this screenshot carefully: >>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>> >>>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>>> XP Pro with no domain controller and just a work group. >>>>>> It does not let >>>>>> me authenticate and there is no domain information--both not >>>>>> stated ("") and asked for! >>>>> >>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>> successfully. Sure the account must be on the same box. >>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>> >>>>> >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>>> >>>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>>> is most likely not the problem here. >>>>>>> >>>>>>>> >>>>>>>> - Original Message - >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>>> To: "ICS support mailing" >>>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>>> Subject: Re: [twsocket] Fw: Urge
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Hello Arno and Francois, > > I cannot debug Arno's demo: It stops at breakpoints but does not let > me > inspect: AFAIK it's not possible to do that, and BTW I don't believe your problem has to do with the ICS server. IE works for you, right? You may try Netscape as well. > > http://www.fastream.com/ics/arnoscreenshot2.png > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:10 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Ok. It is not related with port. One idea: my Windows username >> includes a space. Could this matter? > > Why don't you create a new account w/o a space and try that out by > yourself? > I created one including a space as well as including German spezific > characters above 128 such as so called Umlauts like Ü,ü, and ß which > is another form of ss. > > >> Should there be made any >> encoding/decoding? >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 4:53 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Did you try a non-80 port? >>> >>> No I haven't, have you tried the standard port? >>> >>>> Maybe that requires a domain in the header? >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Hello Arno and Everybody, >>>>>> >>>>>> Could you look at this screenshot carefully: >>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>> >>>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>>> XP Pro with no domain controller and just a work group. >>>>>> It does not let >>>>>> me authenticate and there is no domain information--both not >>>>>> stated ("") and asked for! >>>>> >>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>> successfully. Sure the account must be on the same box. >>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>> >>>>> >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>>> >>>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>>> is most likely not the problem here. >>>>>>> >>>>>>>> >>>>>>>> - Original Message - >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>>> To: "ICS support mailing" >>>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>>> question) >>>>>>>> >>>>>>>> >>>>>>>>> Fastream Technologies wrote: >>>>>>>>>> >>>>>>>>> Please check my private message. >>>>>>>>> >>>>>>>>> Your EXE works fine using Firefox/1.5.0.6! >>>>>>>>> >>>>>>>>>> >>>>>>>>>> Rgrds, >>>>>>>>>> >>>>>>>>>> SZ >>>>>>>>> -- >>>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>>> list please goto >>>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>>> website at http://www.overbyte.be >>>>>>> -- >>>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>>> Visit our website at http://www.overbyte.be >>>>> -- >>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>> Visit our website at http://www.overbyte.be >>> -- >>> To unsubscribe or change your settings for TWSocket mailing list >>> please goto http://www.elists.org/mailman/listinfo/twsocket >>> Visit our website at http://www.overbyte.be > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Could anybody else also try it? We cannot be the only people using this http server component--this is for all users! Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 5:40 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > I created an admin user with the name "a" and no password still no > luck! :( My test user has just limited privileges (User), it also works fine when I run the server just as User with limited privileges. > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:10 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Ok. It is not related with port. One idea: my Windows username >> includes a space. Could this matter? > > Why don't you create a new account w/o a space and try that out by > yourself? > I created one including a space as well as including German spezific > characters above 128 such as so called Umlauts like Ü,ü, and ß which > is another form of ss. > > >> Should there be made any >> encoding/decoding? >> >> Best Regards, >> >> SZ >> >> - Original Message - >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 4:53 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Did you try a non-80 port? >>> >>> No I haven't, have you tried the standard port? >>> >>>> Maybe that requires a domain in the header? >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Hello Arno and Everybody, >>>>>> >>>>>> Could you look at this screenshot carefully: >>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>> >>>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>>> XP Pro with no domain controller and just a work group. >>>>>> It does not let >>>>>> me authenticate and there is no domain information--both not >>>>>> stated ("") and asked for! >>>>> >>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>> successfully. Sure the account must be on the same box. >>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>> >>>>> >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>>> >>>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>>> is most likely not the problem here. >>>>>>> >>>>>>>> >>>>>>>> - Original Message - >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>>> To: "ICS support mailing" >>>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>>> question) >>>>>>>> >>>>>>>> >>>>>>>>> Fastream Technologies wrote: >>>>>>>>>> >>>>>>>>> Please check
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > I created an admin user with the name "a" and no password still no > luck! :( My test user has just limited privileges (User), it also works fine when I run the server just as User with limited privileges. > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 5:10 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > > Fastream Technologies wrote: >> Ok. It is not related with port. One idea: my Windows username >> includes a space. Could this matter? > > Why don't you create a new account w/o a space and try that out by > yourself? > I created one including a space as well as including German spezific > characters above 128 such as so called Umlauts like Ü,ü, and ß which > is another form of ss. > > >> Should there be made any >> encoding/decoding? >> >> Best Regards, >> >> SZ >> >> - Original Message ----- >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 4:53 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Did you try a non-80 port? >>> >>> No I haven't, have you tried the standard port? >>> >>>> Maybe that requires a domain in the header? >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 4:36 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> Hello Arno and Everybody, >>>>>> >>>>>> Could you look at this screenshot carefully: >>>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>>> >>>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>>> XP Pro with no domain controller and just a work group. >>>>>> It does not let >>>>>> me authenticate and there is no domain information--both not >>>>>> stated ("") and asked for! >>>>> >>>>> I tried the same config, both your bin and FF locally on XP Pro >>>>> successfully. Sure the account must be on the same box. >>>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>>> >>>>> >>>>>> >>>>>> Best Regards, >>>>>> >>>>>> SZ >>>>>> >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>>> >>>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>>> is most likely not the problem here. >>>>>>> >>>>>>>> >>>>>>>> - Original Message - >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>>> To: "ICS support mailing" >>>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>>> question) >>>>>>>> >>>>>>>> >>>>>>>>> Fastream Technologies wrote: >>>>>>>>>> >>>>>>>>> Please check my private message. >>>>>>>>> >>>>>>>>> Your EXE works fine using Firefox/1.5.0.6! >>>>>>>>> >>>>>>>>>> >>>>>>>>>> Rgrds, >>>>>>>>>> >>>>>>>>>> SZ >>>>>>>>> -- >>>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>>> list please goto >>>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>>> website at http://www.overbyte.be >>>>>>> -- >>>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>>> Visit our website at http://www.overbyte.be >>>>> -- >>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>> Visit our website at http://www.overbyte.be >>> -- >>> To unsubscribe or change your settings for TWSocket mailing list >>> please goto http://www.elists.org/mailman/listinfo/twsocket >>> Visit our website at http://www.overbyte.be > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello Arno and Francois, I cannot debug Arno's demo: It stops at breakpoints but does not let me inspect: http://www.fastream.com/ics/arnoscreenshot2.png Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 5:10 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > Ok. It is not related with port. One idea: my Windows username > includes a space. Could this matter? Why don't you create a new account w/o a space and try that out by yourself? I created one including a space as well as including German spezific characters above 128 such as so called Umlauts like Ü,ü, and ß which is another form of ss. > Should there be made any > encoding/decoding? > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 4:53 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> Did you try a non-80 port? >> >> No I haven't, have you tried the standard port? >> >>> Maybe that requires a domain in the header? >>> >>> - Original Message ----- >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:36 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Hello Arno and Everybody, >>>>> >>>>> Could you look at this screenshot carefully: >>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>> >>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>> XP Pro with no domain controller and just a work group. >>>>> It does not let >>>>> me authenticate and there is no domain information--both not >>>>> stated ("") and asked for! >>>> >>>> I tried the same config, both your bin and FF locally on XP Pro >>>> successfully. Sure the account must be on the same box. >>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>> >>>> >>>>> >>>>> Best Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>> >>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>> is most likely not the problem here. >>>>>> >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>> question) >>>>>>> >>>>>>> >>>>>>>> Fastream Technologies wrote: >>>>>>>>> >>>>>>>> Please check my private message. >>>>>>>> >>>>>>>> Your EXE works fine using Firefox/1.5.0.6! >>>>>>>> >>>>>>>>> >>>>>>>>> Rgrds, >>>>>>>>> >>>>>>>>> SZ >>>>>>>> -- >>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>> list please goto >>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>> website at http://www.overbyte.be >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I created an admin user with the name "a" and no password still no luck! :( Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 5:10 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) Fastream Technologies wrote: > Ok. It is not related with port. One idea: my Windows username > includes a space. Could this matter? Why don't you create a new account w/o a space and try that out by yourself? I created one including a space as well as including German spezific characters above 128 such as so called Umlauts like Ü,ü, and ß which is another form of ss. > Should there be made any > encoding/decoding? > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 4:53 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> Did you try a non-80 port? >> >> No I haven't, have you tried the standard port? >> >>> Maybe that requires a domain in the header? >>> >>> ----- Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:36 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Hello Arno and Everybody, >>>>> >>>>> Could you look at this screenshot carefully: >>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>> >>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>> XP Pro with no domain controller and just a work group. >>>>> It does not let >>>>> me authenticate and there is no domain information--both not >>>>> stated ("") and asked for! >>>> >>>> I tried the same config, both your bin and FF locally on XP Pro >>>> successfully. Sure the account must be on the same box. >>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>> >>>> >>>>> >>>>> Best Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>> >>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>> is most likely not the problem here. >>>>>> >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>> question) >>>>>>> >>>>>>> >>>>>>>> Fastream Technologies wrote: >>>>>>>>> >>>>>>>> Please check my private message. >>>>>>>> >>>>>>>> Your EXE works fine using Firefox/1.5.0.6! >>>>>>>> >>>>>>>>> >>>>>>>>> Rgrds, >>>>>>>>> >>>>>>>>> SZ >>>>>>>> -- >>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>> list please goto >>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>> website at http://www.overbyte.be >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Ok. It is not related with port. One idea: my Windows username > includes a space. Could this matter? Why don't you create a new account w/o a space and try that out by yourself? I created one including a space as well as including German spezific characters above 128 such as so called Umlauts like Ü,ü, and ß which is another form of ss. > Should there be made any > encoding/decoding? > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 4:53 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> Did you try a non-80 port? >> >> No I haven't, have you tried the standard port? >> >>> Maybe that requires a domain in the header? >>> >>> - Original Message ----- >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 4:36 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> Hello Arno and Everybody, >>>>> >>>>> Could you look at this screenshot carefully: >>>>> http://www.fastream.com/ics/arnoscreenshot.png. >>>>> >>>>> This is Arno's demo compiled with BCB2k6 and running on a Windows >>>>> XP Pro with no domain controller and just a work group. >>>>> It does not let >>>>> me authenticate and there is no domain information--both not >>>>> stated ("") and asked for! >>>> >>>> I tried the same config, both your bin and FF locally on XP Pro >>>> successfully. Sure the account must be on the same box. >>>> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >>>> >>>> >>>>> >>>>> Best Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 2:31 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>>>> >>>>>> BTW: In FF you may enter a user name like Host\User, though this >>>>>> is most likely not the problem here. >>>>>> >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM >>>>>>> question) >>>>>>> >>>>>>> >>>>>>>> Fastream Technologies wrote: >>>>>>>>> >>>>>>>> Please check my private message. >>>>>>>> >>>>>>>> Your EXE works fine using Firefox/1.5.0.6! >>>>>>>> >>>>>>>>> >>>>>>>>> Rgrds, >>>>>>>>> >>>>>>>>> SZ >>>>>>>> -- >>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>> list please goto >>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>> website at http://www.overbyte.be >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ok. It is not related with port. One idea: my Windows username includes a space. Could this matter? Should there be made any encoding/decoding? Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 4:53 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Did you try a non-80 port? : : No I haven't, have you tried the standard port? : : > Maybe that requires a domain in the header? : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 4:36 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> Hello Arno and Everybody, : >>> : >>> Could you look at this screenshot carefully: : >>> http://www.fastream.com/ics/arnoscreenshot.png. : >>> : >>> This is Arno's demo compiled with BCB2k6 and running on a Windows XP : >>> Pro with no domain controller and just a work group. : >>> It does not let : >>> me authenticate and there is no domain information--both not stated : >>> ("") and asked for! : >> : >> I tried the same config, both your bin and FF locally on XP Pro : >> successfully. Sure the account must be on the same box. : >> The NTLM 401 doesn't send a domain header, so you see ("") in FF. : >> : >> : >>> : >>> Best Regards, : >>> : >>> SZ : >>> : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Wednesday, September 13, 2006 2:31 PM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! : >>>> : >>>> BTW: In FF you may enter a user name like Host\User, though this : >>>> is most likely not the problem here. : >>>> : >>>>> : >>>>> - Original Message - : >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>>> To: "ICS support mailing" : >>>>> Sent: Wednesday, September 13, 2006 2:15 PM : >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>> : >>>>> : >>>>>> Fastream Technologies wrote: : >>>>>>> : >>>>>> Please check my private message. : >>>>>> : >>>>>> Your EXE works fine using Firefox/1.5.0.6! : >>>>>> : >>>>>>> : >>>>>>> Rgrds, : >>>>>>> : >>>>>>> SZ : >>>>>> -- : >>>>>> To unsubscribe or change your settings for TWSocket mailing list : >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>>>> Visit our website at http://www.overbyte.be : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Did you try a non-80 port? No I haven't, have you tried the standard port? > Maybe that requires a domain in the header? > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 4:36 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> Hello Arno and Everybody, >>> >>> Could you look at this screenshot carefully: >>> http://www.fastream.com/ics/arnoscreenshot.png. >>> >>> This is Arno's demo compiled with BCB2k6 and running on a Windows XP >>> Pro with no domain controller and just a work group. >>> It does not let >>> me authenticate and there is no domain information--both not stated >>> ("") and asked for! >> >> I tried the same config, both your bin and FF locally on XP Pro >> successfully. Sure the account must be on the same box. >> The NTLM 401 doesn't send a domain header, so you see ("") in FF. >> >> >>> >>> Best Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 2:31 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >>>> >>>> BTW: In FF you may enter a user name like Host\User, though this >>>> is most likely not the problem here. >>>> >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 2:15 PM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> >>>>>> Please check my private message. >>>>>> >>>>>> Your EXE works fine using Firefox/1.5.0.6! >>>>>> >>>>>>> >>>>>>> Rgrds, >>>>>>> >>>>>>> SZ >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Here is what we are talking about with Arno for others: http://www.fastream.com/ics/OverbyteIcsWebServBCB.zip (includes exe, 412KB) Use the URL: http://localhost/demo.html Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 4:38 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Did you try a non-80 port? Maybe that requires a domain in the header? : : - Original Message - : From: "Arno Garrels" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Wednesday, September 13, 2006 4:36 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Fastream Technologies wrote: :: > Hello Arno and Everybody, :: > :: > Could you look at this screenshot carefully: :: > http://www.fastream.com/ics/arnoscreenshot.png. :: > :: > This is Arno's demo compiled with BCB2k6 and running on a Windows XP :: > Pro with no domain controller and just a work group. :: > It does not let :: > me authenticate and there is no domain information--both not stated :: > ("") and asked for! :: :: I tried the same config, both your bin and FF locally on XP Pro :: successfully. Sure the account must be on the same box. :: The NTLM 401 doesn't send a domain header, so you see ("") in FF. :: :: :: > :: > Best Regards, :: > :: > SZ :: > :: > - Original Message - :: > From: "Arno Garrels" <[EMAIL PROTECTED]> :: > To: "ICS support mailing" :: > Sent: Wednesday, September 13, 2006 2:31 PM :: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: > :: > :: >> Fastream Technologies wrote: :: >>> I also tested with FF/1.5.0.6! Something's wrong somewhere! :: >> :: >> BTW: In FF you may enter a user name like Host\User, though this :: >> is most likely not the problem here. :: >> :: >>> :: >>> - Original Message - :: >>> From: "Arno Garrels" <[EMAIL PROTECTED]> :: >>> To: "ICS support mailing" :: >>> Sent: Wednesday, September 13, 2006 2:15 PM :: >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: >>> :: >>> :: >>>> Fastream Technologies wrote: :: >>>>> :: >>>> Please check my private message. :: >>>> :: >>>> Your EXE works fine using Firefox/1.5.0.6! :: >>>> :: >>>>> :: >>>>> Rgrds, :: >>>>> :: >>>>> SZ :: >>>> -- :: >>>> To unsubscribe or change your settings for TWSocket mailing list :: >>>> please goto http://www.elists.org/mailman/listinfo/twsocket :: >>>> Visit our website at http://www.overbyte.be :: >> -- :: >> To unsubscribe or change your settings for TWSocket mailing list :: >> please goto http://www.elists.org/mailman/listinfo/twsocket :: >> Visit our website at http://www.overbyte.be :: -- :: To unsubscribe or change your settings for TWSocket mailing list :: please goto http://www.elists.org/mailman/listinfo/twsocket :: Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Did you try a non-80 port? Maybe that requires a domain in the header? - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 4:36 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Hello Arno and Everybody, : > : > Could you look at this screenshot carefully: : > http://www.fastream.com/ics/arnoscreenshot.png. : > : > This is Arno's demo compiled with BCB2k6 and running on a Windows XP : > Pro with no domain controller and just a work group. : > It does not let : > me authenticate and there is no domain information--both not stated : > ("") and asked for! : : I tried the same config, both your bin and FF locally on XP Pro : successfully. Sure the account must be on the same box. : The NTLM 401 doesn't send a domain header, so you see ("") in FF. : : : > : > Best Regards, : > : > SZ : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 2:31 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> I also tested with FF/1.5.0.6! Something's wrong somewhere! : >> : >> BTW: In FF you may enter a user name like Host\User, though this : >> is most likely not the problem here. : >> : >>> : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Wednesday, September 13, 2006 2:15 PM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> : >>>> Please check my private message. : >>>> : >>>> Your EXE works fine using Firefox/1.5.0.6! : >>>> : >>>>> : >>>>> Rgrds, : >>>>> : >>>>> SZ : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Hello Arno and Everybody, > > Could you look at this screenshot carefully: > http://www.fastream.com/ics/arnoscreenshot.png. > > This is Arno's demo compiled with BCB2k6 and running on a Windows XP > Pro with no domain controller and just a work group. > It does not let > me authenticate and there is no domain information--both not stated > ("") and asked for! I tried the same config, both your bin and FF locally on XP Pro successfully. Sure the account must be on the same box. The NTLM 401 doesn't send a domain header, so you see ("") in FF. > > Best Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 2:31 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> I also tested with FF/1.5.0.6! Something's wrong somewhere! >> >> BTW: In FF you may enter a user name like Host\User, though this >> is most likely not the problem here. >> >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 2:15 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> >>>> Please check my private message. >>>> >>>> Your EXE works fine using Firefox/1.5.0.6! >>>> >>>>> >>>>> Rgrds, >>>>> >>>>> SZ >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Hello Arno and Everybody, Could you look at this screenshot carefully: http://www.fastream.com/ics/arnoscreenshot.png. This is Arno's demo compiled with BCB2k6 and running on a Windows XP Pro with no domain controller and just a work group. It does not let me authenticate and there is no domain information--both not stated ("") and asked for! Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 2:31 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > I also tested with FF/1.5.0.6! Something's wrong somewhere! : : BTW: In FF you may enter a user name like Host\User, though this : is most likely not the problem here. : : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 2:15 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> : >> Please check my private message. : >> : >> Your EXE works fine using Firefox/1.5.0.6! : >> : >>> : >>> Rgrds, : >>> : >>> SZ : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > I also tested with FF/1.5.0.6! Something's wrong somewhere! BTW: In FF you may enter a user name like Host\User, though this is most likely not the problem here. > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 2:15 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> >> Please check my private message. >> >> Your EXE works fine using Firefox/1.5.0.6! >> >>> >>> Rgrds, >>> >>> SZ >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
I also tested with FF/1.5.0.6! Something's wrong somewhere! - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 2:15 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > : Please check my private message. : : Your EXE works fine using Firefox/1.5.0.6! : : > : > Rgrds, : > : > SZ : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Please check my private message. Your EXE works fine using Firefox/1.5.0.6! > > Rgrds, > > SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Also, in IE, as Francois said, it auto logs in to a domain. Where is the selection? Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 1:50 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Ok. Your demo worked fine with the SECURITY_WIN32 trick YET it still : > does not work under Firefox. Please test it under Firefox as well! : : Works fine with Gecko/20060728 Firefox/1.5.0.6. : However their are plenty of different versions available, probably some : of them are buggy. Check with ethereal! : : > Best Regards, : > : > SZ : > : > - Original Message - : > From: "Fastream Technologies" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 1:22 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Arno, : >> : >> I just tried with your demo.html and it gives the same problem! : >> Please refine your code under BCB personality (perhaps that's : >> related?). It gives no compile time error--just does not let it : >> authenticate! : >> : >> Regards, : >> : >> SZ : >> : >> ----- Original Message - : >> From: "Arno Garrels" <[EMAIL PROTECTED]> : >> To: "ICS support mailing" : >> Sent: Wednesday, September 13, 2006 12:09 PM : >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >> : >> : >>> Fastream Technologies wrote: : >>>> Please reply my private messages as well. : >>> : >>> This is plenty of C code, and I have to do my work as well! : >>> I'll take a look at it later. : >>> : >>>> : >>>> Thanks, : >>>> : >>>> SZ : >>>> : >>>> - Original Message - : >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>> To: "ICS support mailing" : >>>> Sent: Wednesday, September 13, 2006 12:01 PM : >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>> : >>>> : >>>>> Fastream Technologies wrote: : >>>>>> - Original Message - : >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>>>> To: "ICS support mailing" : >>>>>> Sent: Wednesday, September 13, 2006 11:29 AM : >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>>> : >>>>>> : >>>>>>> Fastream Technologies wrote: : >>>>>>>> It does not ask for domain then! : >>>>>>> : >>>>>>> BTW: Not all browsers provide a domain field in their : >>>>>>> auth-dialog! : >>>>>> : >>>>>> I tried with both Firefox and IE6XP. : >>>>> : >>>>> Try the demo, it works! : >>>>> : >>>>>>>> I thought this would look like a NT- : >>>>>>>> log on screen!! How does it understand which NTLM-domain to log : >>>>>>>> in?? : >>>>>>> : >>>>>>> ?? : >>>>>> : >>>>>> When there is NO domain edit box, and when the user name does NOT : >>>>>> include a domain name, how does it understand the domain name : >>>>> : >>>>> If the browser does not send a domain SSPI uses the default logon : >>>>> authority, this may be either the local computer or the domain : >>>>> where the computer is a member. How it works exactely under the : >>>>> hood, is unknown to me. : >>>>> : >>>>> : >>>>>> : >>>>>>> : >>>>>>>> Regards, : >>>>>>>> : >>>>>>>> SZ : >>>>>>>> : >>>>>>>> - Original Message - : >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>>>>>> To: "ICS support mailing" : >>>>>>>> Sent: Wednesday, September 13, 2006 11:20 AM : >>>>>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>>>>> : >>>>>>>> : >>>>>>>>> Fastream Technologies wrote: : >>>&
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
- Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 1:30 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > C and Pascal are close relatives and the code is not complex since : > you know the Pascal-correspondent. I know you are a busy coder but : > please give high priority for this. I really do not see where the C++ : > conversion mistake is. It simply does not ask for NTLM-domain : > information!! : : I looked at your source (which is hard to read since there are no : indentations), but cannot find the error. : Obviously you override the two most important routines, : THttpConnection.AuthCheckAuthenticated as well as : THttpConnection.Answer401 and also use a slightly different : logic. : : Debug by setting the apropriate break points and single step : thru the code. : The difference of NTLM compared to the other auth-methods : is that it needs one more step in the sequence, means the : server must always send a 401 response containing the : NTLM message 2. : Also helpfull is logging the traffic with ethereal. What is the difference wrt Digest? Please check my private message. Rgrds, SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Ok. Your demo worked fine with the SECURITY_WIN32 trick YET it still > does not work under Firefox. Please test it under Firefox as well! Works fine with Gecko/20060728 Firefox/1.5.0.6. However their are plenty of different versions available, probably some of them are buggy. Check with ethereal! > Best Regards, > > SZ > > - Original Message - > From: "Fastream Technologies" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 1:22 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Arno, >> >> I just tried with your demo.html and it gives the same problem! >> Please refine your code under BCB personality (perhaps that's >> related?). It gives no compile time error--just does not let it >> authenticate! >> >> Regards, >> >> SZ >> >> - Original Message ----- >> From: "Arno Garrels" <[EMAIL PROTECTED]> >> To: "ICS support mailing" >> Sent: Wednesday, September 13, 2006 12:09 PM >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >> >> >>> Fastream Technologies wrote: >>>> Please reply my private messages as well. >>> >>> This is plenty of C code, and I have to do my work as well! >>> I'll take a look at it later. >>> >>>> >>>> Thanks, >>>> >>>> SZ >>>> >>>> - Original Message - >>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>> To: "ICS support mailing" >>>> Sent: Wednesday, September 13, 2006 12:01 PM >>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>> >>>> >>>>> Fastream Technologies wrote: >>>>>> - Original Message - >>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>> To: "ICS support mailing" >>>>>> Sent: Wednesday, September 13, 2006 11:29 AM >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>> >>>>>> >>>>>>> Fastream Technologies wrote: >>>>>>>> It does not ask for domain then! >>>>>>> >>>>>>> BTW: Not all browsers provide a domain field in their >>>>>>> auth-dialog! >>>>>> >>>>>> I tried with both Firefox and IE6XP. >>>>> >>>>> Try the demo, it works! >>>>> >>>>>>>> I thought this would look like a NT- >>>>>>>> log on screen!! How does it understand which NTLM-domain to log >>>>>>>> in?? >>>>>>> >>>>>>> ?? >>>>>> >>>>>> When there is NO domain edit box, and when the user name does NOT >>>>>> include a domain name, how does it understand the domain name >>>>> >>>>> If the browser does not send a domain SSPI uses the default logon >>>>> authority, this may be either the local computer or the domain >>>>> where the computer is a member. How it works exactely under the >>>>> hood, is unknown to me. >>>>> >>>>> >>>>>> >>>>>>> >>>>>>>> Regards, >>>>>>>> >>>>>>>> SZ >>>>>>>> >>>>>>>> - Original Message - >>>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>>> To: "ICS support mailing" >>>>>>>> Sent: Wednesday, September 13, 2006 11:20 AM >>>>>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>>>> >>>>>>>> >>>>>>>>> Fastream Technologies wrote: >>>>>>>>>> I have another problem: it never authenticates! Never lets >>>>>>>>>> in! I wrote, >>>>>>>>>> >>>>>>>>>> localhost\User (a windows user) >>>>>>>>>> and my password but it does not work! >>>>>>>>> >>>>>>>>> Do not include host/domain in the username! >>>>>>>>> >>>>>>>>> --- >>>>>>>>> Arno Garrels [TeamICS] >>>>>>>>> http://www.overbyte.be/eng/overbyte/teamics.html >>>>>>>>> >>>>>>>>> -- >>>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>>> list please goto >>>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>>> website at http://www.overbyte.be >>>>>>> -- >>>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>>> Visit our website at http://www.overbyte.be >>>>> -- >>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>> Visit our website at http://www.overbyte.be >>> -- >>> To unsubscribe or change your settings for TWSocket mailing list >>> please goto http://www.elists.org/mailman/listinfo/twsocket >>> Visit our website at http://www.overbyte.be >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > C and Pascal are close relatives and the code is not complex since > you know the Pascal-correspondent. I know you are a busy coder but > please give high priority for this. I really do not see where the C++ > conversion mistake is. It simply does not ask for NTLM-domain > information!! I looked at your source (which is hard to read since there are no indentations), but cannot find the error. Obviously you override the two most important routines, THttpConnection.AuthCheckAuthenticated as well as THttpConnection.Answer401 and also use a slightly different logic. Debug by setting the apropriate break points and single step thru the code. The difference of NTLM compared to the other auth-methods is that it needs one more step in the sequence, means the server must always send a 401 response containing the NTLM message 2. Also helpfull is logging the traffic with ethereal. > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 12:09 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> Please reply my private messages as well. >> >> This is plenty of C code, and I have to do my work as well! >> I'll take a look at it later. >> >>> >>> Thanks, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 12:01 PM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 11:29 AM >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> It does not ask for domain then! >>>>>> >>>>>> BTW: Not all browsers provide a domain field in their >>>>>> auth-dialog! >>>>> >>>>> I tried with both Firefox and IE6XP. >>>> >>>> Try the demo, it works! >>>> >>>>>>> I thought this would look like a NT- >>>>>>> log on screen!! How does it understand which NTLM-domain to log >>>>>>> in?? >>>>>> >>>>>> ?? >>>>> >>>>> When there is NO domain edit box, and when the user name does NOT >>>>> include a domain name, how does it understand the domain name >>>> >>>> If the browser does not send a domain SSPI uses the default logon >>>> authority, this may be either the local computer or the domain >>>> where the computer is a member. How it works exactely under the >>>> hood, is unknown to me. >>>> >>>> >>>>> >>>>>> >>>>>>> Regards, >>>>>>> >>>>>>> SZ >>>>>>> >>>>>>> - Original Message - >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>>>> To: "ICS support mailing" >>>>>>> Sent: Wednesday, September 13, 2006 11:20 AM >>>>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>>>> >>>>>>> >>>>>>>> Fastream Technologies wrote: >>>>>>>>> I have another problem: it never authenticates! Never lets >>>>>>>>> in! I wrote, >>>>>>>>> >>>>>>>>> localhost\User (a windows user) >>>>>>>>> and my password but it does not work! >>>>>>>> >>>>>>>> Do not include host/domain in the username! >>>>>>>> >>>>>>>> --- >>>>>>>> Arno Garrels [TeamICS] >>>>>>>> http://www.overbyte.be/eng/overbyte/teamics.html >>>>>>>> >>>>>>>> -- >>>>>>>> To unsubscribe or change your settings for TWSocket mailing >>>>>>>> list please goto >>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our >>>>>>>> website at http://www.overbyte.be >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Ok. Your demo worked fine with the SECURITY_WIN32 trick YET it still does not work under Firefox. Please test it under Firefox as well! Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 1:22 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Arno, : : I just tried with your demo.html and it gives the same problem! Please : refine your code under BCB personality (perhaps that's related?). It gives : no compile time error--just does not let it authenticate! : : Regards, : : SZ : : - Original Message - : From: "Arno Garrels" <[EMAIL PROTECTED]> : To: "ICS support mailing" : Sent: Wednesday, September 13, 2006 12:09 PM : Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : : :: Fastream Technologies wrote: :: > Please reply my private messages as well. :: :: This is plenty of C code, and I have to do my work as well! :: I'll take a look at it later. :: :: > :: > Thanks, :: > :: > SZ :: > :: > - Original Message - :: > From: "Arno Garrels" <[EMAIL PROTECTED]> :: > To: "ICS support mailing" :: > Sent: Wednesday, September 13, 2006 12:01 PM :: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: > :: > :: >> Fastream Technologies wrote: :: >>> - Original Message - :: >>> From: "Arno Garrels" <[EMAIL PROTECTED]> :: >>> To: "ICS support mailing" :: >>> Sent: Wednesday, September 13, 2006 11:29 AM :: >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) :: >>> :: >>> :: >>>> Fastream Technologies wrote: :: >>>>> It does not ask for domain then! :: >>>> :: >>>> BTW: Not all browsers provide a domain field in their :: >>>> auth-dialog! :: >>> :: >>> I tried with both Firefox and IE6XP. :: >> :: >> Try the demo, it works! :: >> :: >>>>> I thought this would look like a NT- :: >>>>> log on screen!! How does it understand which NTLM-domain to log :: >>>>> in?? :: >>>> :: >>>> ?? :: >>> :: >>> When there is NO domain edit box, and when the user name does NOT :: >>> include a domain name, how does it understand the domain name :: >> :: >> If the browser does not send a domain SSPI uses the default logon :: >> authority, this may be either the local computer or the domain where :: >> the computer is a member. How it works exactely under the hood, is :: >> unknown to me. :: >> :: >> :: >>> :: >>>> :: >>>>> Regards, :: >>>>> :: >>>>> SZ :: >>>>> :: >>>>> - Original Message - :: >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> :: >>>>> To: "ICS support mailing" :: >>>>> Sent: Wednesday, September 13, 2006 11:20 AM :: >>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) :: >>>>> :: >>>>> :: >>>>>> Fastream Technologies wrote: :: >>>>>>> I have another problem: it never authenticates! Never lets in! I :: >>>>>>> wrote, :: >>>>>>> :: >>>>>>> localhost\User (a windows user) :: >>>>>>> and my password but it does not work! :: >>>>>> :: >>>>>> Do not include host/domain in the username! :: >>>>>> :: >>>>>> --- :: >>>>>> Arno Garrels [TeamICS] :: >>>>>> http://www.overbyte.be/eng/overbyte/teamics.html :: >>>>>> :: >>>>>> -- :: >>>>>> To unsubscribe or change your settings for TWSocket mailing list :: >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket :: >>>>>> Visit our website at http://www.overbyte.be :: >>>> -- :: >>>> To unsubscribe or change your settings for TWSocket mailing list :: >>>> please goto http://www.elists.org/mailman/listinfo/twsocket :: >>>> Visit our website at http://www.overbyte.be :: >> -- :: >> To unsubscribe or change your settings for TWSocket mailing list :: >> please goto http://www.elists.org/mailman/listinfo/twsocket :: >> Visit our website at http://www.overbyte.be :: -- :: To unsubscribe or change your settings for TWSocket mailing list :: please goto http://www.elists.org/mailman/listinfo/twsocket :: Visit our website at http://www.overbyte.be : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Arno, I just tried with your demo.html and it gives the same problem! Please refine your code under BCB personality (perhaps that's related?). It gives no compile time error--just does not let it authenticate! Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 12:09 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Please reply my private messages as well. : : This is plenty of C code, and I have to do my work as well! : I'll take a look at it later. : : > : > Thanks, : > : > SZ : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 12:01 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Wednesday, September 13, 2006 11:29 AM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> It does not ask for domain then! : >>>> : >>>> BTW: Not all browsers provide a domain field in their : >>>> auth-dialog! : >>> : >>> I tried with both Firefox and IE6XP. : >> : >> Try the demo, it works! : >> : >>>>> I thought this would look like a NT- : >>>>> log on screen!! How does it understand which NTLM-domain to log : >>>>> in?? : >>>> : >>>> ?? : >>> : >>> When there is NO domain edit box, and when the user name does NOT : >>> include a domain name, how does it understand the domain name : >> : >> If the browser does not send a domain SSPI uses the default logon : >> authority, this may be either the local computer or the domain where : >> the computer is a member. How it works exactely under the hood, is : >> unknown to me. : >> : >> : >>> : >>>> : >>>>> Regards, : >>>>> : >>>>> SZ : >>>>> : >>>>> - Original Message - : >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>>> To: "ICS support mailing" : >>>>> Sent: Wednesday, September 13, 2006 11:20 AM : >>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>> : >>>>> : >>>>>> Fastream Technologies wrote: : >>>>>>> I have another problem: it never authenticates! Never lets in! I : >>>>>>> wrote, : >>>>>>> : >>>>>>> localhost\User (a windows user) : >>>>>>> and my password but it does not work! : >>>>>> : >>>>>> Do not include host/domain in the username! : >>>>>> : >>>>>> --- : >>>>>> Arno Garrels [TeamICS] : >>>>>> http://www.overbyte.be/eng/overbyte/teamics.html : >>>>>> : >>>>>> -- : >>>>>> To unsubscribe or change your settings for TWSocket mailing list : >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>>>> Visit our website at http://www.overbyte.be : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
C and Pascal are close relatives and the code is not complex since you know the Pascal-correspondent. I know you are a busy coder but please give high priority for this. I really do not see where the C++ conversion mistake is. It simply does not ask for NTLM-domain information!! Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 12:09 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Please reply my private messages as well. : : This is plenty of C code, and I have to do my work as well! : I'll take a look at it later. : : > : > Thanks, : > : > SZ : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 12:01 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Wednesday, September 13, 2006 11:29 AM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> It does not ask for domain then! : >>>> : >>>> BTW: Not all browsers provide a domain field in their : >>>> auth-dialog! : >>> : >>> I tried with both Firefox and IE6XP. : >> : >> Try the demo, it works! : >> : >>>>> I thought this would look like a NT- : >>>>> log on screen!! How does it understand which NTLM-domain to log : >>>>> in?? : >>>> : >>>> ?? : >>> : >>> When there is NO domain edit box, and when the user name does NOT : >>> include a domain name, how does it understand the domain name : >> : >> If the browser does not send a domain SSPI uses the default logon : >> authority, this may be either the local computer or the domain where : >> the computer is a member. How it works exactely under the hood, is : >> unknown to me. : >> : >> : >>> : >>>> : >>>>> Regards, : >>>>> : >>>>> SZ : >>>>> : >>>>> - Original Message - : >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>>> To: "ICS support mailing" : >>>>> Sent: Wednesday, September 13, 2006 11:20 AM : >>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>> : >>>>> : >>>>>> Fastream Technologies wrote: : >>>>>>> I have another problem: it never authenticates! Never lets in! I : >>>>>>> wrote, : >>>>>>> : >>>>>>> localhost\User (a windows user) : >>>>>>> and my password but it does not work! : >>>>>> : >>>>>> Do not include host/domain in the username! : >>>>>> : >>>>>> --- : >>>>>> Arno Garrels [TeamICS] : >>>>>> http://www.overbyte.be/eng/overbyte/teamics.html : >>>>>> : >>>>>> -- : >>>>>> To unsubscribe or change your settings for TWSocket mailing list : >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>>>> Visit our website at http://www.overbyte.be : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > Please reply my private messages as well. This is plenty of C code, and I have to do my work as well! I'll take a look at it later. > > Thanks, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 12:01 PM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 11:29 AM >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> It does not ask for domain then! >>>> >>>> BTW: Not all browsers provide a domain field in their >>>> auth-dialog! >>> >>> I tried with both Firefox and IE6XP. >> >> Try the demo, it works! >> >>>>> I thought this would look like a NT- >>>>> log on screen!! How does it understand which NTLM-domain to log >>>>> in?? >>>> >>>> ?? >>> >>> When there is NO domain edit box, and when the user name does NOT >>> include a domain name, how does it understand the domain name >> >> If the browser does not send a domain SSPI uses the default logon >> authority, this may be either the local computer or the domain where >> the computer is a member. How it works exactely under the hood, is >> unknown to me. >> >> >>> >>>> >>>>> Regards, >>>>> >>>>> SZ >>>>> >>>>> - Original Message - >>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>>>> To: "ICS support mailing" >>>>> Sent: Wednesday, September 13, 2006 11:20 AM >>>>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) >>>>> >>>>> >>>>>> Fastream Technologies wrote: >>>>>>> I have another problem: it never authenticates! Never lets in! I >>>>>>> wrote, >>>>>>> >>>>>>> localhost\User (a windows user) >>>>>>> and my password but it does not work! >>>>>> >>>>>> Do not include host/domain in the username! >>>>>> >>>>>> --- >>>>>> Arno Garrels [TeamICS] >>>>>> http://www.overbyte.be/eng/overbyte/teamics.html >>>>>> >>>>>> -- >>>>>> To unsubscribe or change your settings for TWSocket mailing list >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>>>> Visit our website at http://www.overbyte.be >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Please reply my private messages as well. Thanks, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 12:01 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 11:29 AM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> It does not ask for domain then! : >> : >> BTW: Not all browsers provide a domain field in their : >> auth-dialog! : > : > I tried with both Firefox and IE6XP. : : Try the demo, it works! : : >>> I thought this would look like a NT- : >>> log on screen!! How does it understand which NTLM-domain to log in?? : >> : >> ?? : > : > When there is NO domain edit box, and when the user name does NOT : > include a domain name, how does it understand the domain name : : If the browser does not send a domain SSPI uses the default logon : authority, this may be either the local computer or the domain where : the computer is a member. How it works exactely under the hood, is : unknown to me. : : : > : >> : >>> Regards, : >>> : >>> SZ : >>> : >>> - Original Message - : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" : >>> Sent: Wednesday, September 13, 2006 11:20 AM : >>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> I have another problem: it never authenticates! Never lets in! I : >>>>> wrote, : >>>>> : >>>>> localhost\User (a windows user) : >>>>> and my password but it does not work! : >>>> : >>>> Do not include host/domain in the username! : >>>> : >>>> --- : >>>> Arno Garrels [TeamICS] : >>>> http://www.overbyte.be/eng/overbyte/teamics.html : >>>> : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 11:29 AM > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> It does not ask for domain then! >> >> BTW: Not all browsers provide a domain field in their >> auth-dialog! > > I tried with both Firefox and IE6XP. Try the demo, it works! >>> I thought this would look like a NT- >>> log on screen!! How does it understand which NTLM-domain to log in?? >> >> ?? > > When there is NO domain edit box, and when the user name does NOT > include a domain name, how does it understand the domain name If the browser does not send a domain SSPI uses the default logon authority, this may be either the local computer or the domain where the computer is a member. How it works exactely under the hood, is unknown to me. > >> >>> Regards, >>> >>> SZ >>> >>> - Original Message - >>> From: "Arno Garrels" <[EMAIL PROTECTED]> >>> To: "ICS support mailing" >>> Sent: Wednesday, September 13, 2006 11:20 AM >>> Subject: [twsocket] Fw: Urgent (Another simple NTLM question) >>> >>> >>>> Fastream Technologies wrote: >>>>> I have another problem: it never authenticates! Never lets in! I >>>>> wrote, >>>>> >>>>> localhost\User (a windows user) >>>>> and my password but it does not work! >>>> >>>> Do not include host/domain in the username! >>>> >>>> --- >>>> Arno Garrels [TeamICS] >>>> http://www.overbyte.be/eng/overbyte/teamics.html >>>> >>>> -- >>>> To unsubscribe or change your settings for TWSocket mailing list >>>> please goto http://www.elists.org/mailman/listinfo/twsocket >>>> Visit our website at http://www.overbyte.be >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
- Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 11:29 AM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > It does not ask for domain then! : : BTW: Not all browsers provide a domain field in their : auth-dialog! I tried with both Firefox and IE6XP. : : There's a boolean var Allow, set it to FALSE in order to : reject the user. The domain property was null when I did not enter the domain name as I said. : : > I thought this would look like a NT- : > log on screen!! How does it understand which NTLM-domain to log in?? : : ?? When there is NO domain edit box, and when the user name does NOT include a domain name, how does it understand the domain name : : > Regards, : > : > SZ : > : > - Original Message - : > From: "Arno Garrels" <[EMAIL PROTECTED]> : > To: "ICS support mailing" : > Sent: Wednesday, September 13, 2006 11:20 AM : > Subject: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Fastream Technologies wrote: : >>> I have another problem: it never authenticates! Never lets in! I : >>> wrote, : >>> : >>> localhost\User (a windows user) : >>> and my password but it does not work! : >> : >> Do not include host/domain in the username! : >> : >> --- : >> Arno Garrels [TeamICS] : >> http://www.overbyte.be/eng/overbyte/teamics.html : >> : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
Fastream Technologies wrote: > It does not ask for domain then! BTW: Not all browsers provide a domain field in their auth-dialog! There's a boolean var Allow, set it to FALSE in order to reject the user. > I thought this would look like a NT- > log on screen!! How does it understand which NTLM-domain to log in?? ?? > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" > Sent: Wednesday, September 13, 2006 11:20 AM > Subject: [twsocket] Fw: Urgent (Another simple NTLM question) > > >> Fastream Technologies wrote: >>> I have another problem: it never authenticates! Never lets in! I >>> wrote, >>> >>> localhost\User (a windows user) >>> and my password but it does not work! >> >> Do not include host/domain in the username! >> >> --- >> Arno Garrels [TeamICS] >> http://www.overbyte.be/eng/overbyte/teamics.html >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Fw: Urgent (Another simple NTLM question)
It does not ask for domain then! I thought this would look like a NT-log on screen!! How does it understand which NTLM-domain to log in?? Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Wednesday, September 13, 2006 11:20 AM Subject: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > I have another problem: it never authenticates! Never lets in! I wrote, : > : > localhost\User (a windows user) : > and my password but it does not work! : : Do not include host/domain in the username! : : --- : Arno Garrels [TeamICS] : http://www.overbyte.be/eng/overbyte/teamics.html : : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be