Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
I tested with Opera successfully!

Change the format string below in order to get a hex display like:
raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);

Post the hex value.

 

Fastream Technologies wrote:
 Hello,
 
 With FF, after msg3,
 
 Sec := FPSFT^.AcceptSecurityContext(@FHCred,
pHCtx,
@InBuffDesc,
ASC_REQ_SEQUENCE_DETECT, //
 context requirements
SECURITY_NATIVE_DREP,
@FHCtx,
@OutBuffDesc,
ContextAttr,
Lifetime);
 if Sec  0 then
 begin // enters here with Sec = -2^31
 {$IFDEF DEBUG_EXCEPTIONS}
 raise Exception.CreateFmt('Init context failed: %d',
 [Sec]); {$ELSE}
 Result := '';
 FState := lsDoneErr;
 Exit;
 {$ENDIF}
 end;
 
 Arno, do you have any idea?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 8:20 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Here is the full log:
 
 FireFox 1.5.0.6:
 
 13.09.2006 21:50:09 Connection Opened
 
 13.09.2006 21:50:09 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
 Firefox/1.5.0.6..Accept:
  
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive
 
 13.09.2006 21:50:09 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-
 Length: 629..Content-Type: text/html..Connection: keep-
 alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
 Authorization ...
 
 13.09.2006 21:50:17 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
 Firefox/1.5.0.6..Accept:
  
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive..Authorization: NTLM
 TlRMTVNTUAABB4IIAAA=
 
 13.09.2006 21:50:17 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
  
 TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
 629..Content-Type: text/html..Connection: keep-alive..Server:
 Fastream IQ Reverse ProxyHTMLHEADTITLE401 Authorization
 ...
 
 13.09.2006 21:50:17 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
 Firefox/1.5.0.6..Accept:
  
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive..Authorization: NTLM
  
 TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=
 
 13.09.2006 21:50:17 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
 ..Content-Length: 629..Content-Type: text/html..Connection:
 keep-alive..Server: Fastream IQ Reverse
 ProxyHTMLHEADTITLE401 ...
 
 Still asking for password hereForever...
 
 IE6XP:
 
 13.09.2006 21:48:06 Connection Opened
 
 13.09.2006 21:48:06 From Local
 GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg,
 image/pjpeg, application/x-shockwave-flash, application/vnd.ms-
 excel, application/msword, application/vnd.ms-powerpoint,
 */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-
 Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET
 CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep-
 Alive..Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D 
 
 13.09.2006 21:48:06 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-
 Length: 629..Content-Type: text/html..Connection: Keep-
 Alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
 Authorization ...
 
 13.09.2006 21:48:06 From Local
 GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg,
 image

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and gave
no errors/exceptions! But I cannot deploy in this form... ;(

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 10:49 AM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


:I tested with Opera successfully!
:
: Change the format string below in order to get a hex display like:
: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
:
: Post the hex value.
:
:
:
: Fastream Technologies wrote:
:  Hello,
: 
:  With FF, after msg3,
: 
:  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
: pHCtx,
: @InBuffDesc,
: ASC_REQ_SEQUENCE_DETECT, //
:  context requirements
: SECURITY_NATIVE_DREP,
: @FHCtx,
: @OutBuffDesc,
: ContextAttr,
: Lifetime);
:  if Sec  0 then
:  begin // enters here with Sec = -2^31
:  {$IFDEF DEBUG_EXCEPTIONS}
:  raise Exception.CreateFmt('Init context failed: %d',
:  [Sec]); {$ELSE}
:  Result := '';
:  FState := lsDoneErr;
:  Exit;
:  {$ENDIF}
:  end;
: 
:  Arno, do you have any idea?
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 8:20 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Here is the full log:
: 
:  FireFox 1.5.0.6:
: 
:  13.09.2006 21:50:09 Connection Opened
: 
:  13.09.2006 21:50:09 From Local
:  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:  Firefox/1.5.0.6..Accept:
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:  keep-alive
: 
:  13.09.2006 21:50:09 From Remote
:  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-
:  Length: 629..Content-Type: text/html..Connection: keep-
:  alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
:  Authorization ...
: 
:  13.09.2006 21:50:17 From Local
:  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:  Firefox/1.5.0.6..Accept:
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:  keep-alive..Authorization: NTLM
:  TlRMTVNTUAABB4IIAAA=
: 
:  13.09.2006 21:50:17 From Remote
:  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
: 
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
:  629..Content-Type: text/html..Connection: keep-alive..Server:
:  Fastream IQ Reverse ProxyHTMLHEADTITLE401 Authorization
:  ...
: 
:  13.09.2006 21:50:17 From Local
:  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:  Firefox/1.5.0.6..Accept:
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:  keep-alive..Authorization: NTLM
: 
TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=
: 
:  13.09.2006 21:50:17 From Remote
:  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
:  ..Content-Length: 629..Content-Type: text/html..Connection:
:  keep-alive..Server: Fastream IQ Reverse
:  ProxyHTMLHEADTITLE401 ...
: 
:  Still asking for password hereForever...
: 
:  IE6XP:
: 
:  13.09.2006 21:48:06 Connection Opened
: 
:  13.09.2006 21:48:06 From Local
:  GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg,
:  image/pjpeg, application/x-shockwave-flash, application/vnd.ms-
:  excel, application/msword, application/vnd.ms-powerpoint,
:  */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Hi Arno,

I also wonder if this could be a lifetime/time zone problem? We are GMT+200. 
What is the timeout period of this authentication and did you consider 
different time zones?

Best Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 11:31 AM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and 
gave
: no errors/exceptions! But I cannot deploy in this form... ;(
:
: SZ
:
: - Original Message - 
: From: Arno Garrels [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Thursday, September 14, 2006 10:49 AM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
::I tested with Opera successfully!
::
:: Change the format string below in order to get a hex display like:
:: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
::
:: Post the hex value.
::
::
::
:: Fastream Technologies wrote:
::  Hello,
:: 
::  With FF, after msg3,
:: 
::  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
:: pHCtx,
:: @InBuffDesc,
:: ASC_REQ_SEQUENCE_DETECT, //
::  context requirements
:: SECURITY_NATIVE_DREP,
:: @FHCtx,
:: @OutBuffDesc,
:: ContextAttr,
:: Lifetime);
::  if Sec  0 then
::  begin // enters here with Sec = -2^31
::  {$IFDEF DEBUG_EXCEPTIONS}
::  raise Exception.CreateFmt('Init context failed: %d',
::  [Sec]); {$ELSE}
::  Result := '';
::  FState := lsDoneErr;
::  Exit;
::  {$ENDIF}
::  end;
:: 
::  Arno, do you have any idea?
:: 
::  Best Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Fastream Technologies [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 8:20 AM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Here is the full log:
:: 
::  FireFox 1.5.0.6:
:: 
::  13.09.2006 21:50:09 Connection Opened
:: 
::  13.09.2006 21:50:09 From Local
::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
::  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
::  Firefox/1.5.0.6..Accept:
:: 
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::  keep-alive
:: 
::  13.09.2006 21:50:09 From Remote
::  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-
::  Length: 629..Content-Type: text/html..Connection: keep-
::  alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
::  Authorization ...
:: 
::  13.09.2006 21:50:17 From Local
::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
::  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
::  Firefox/1.5.0.6..Accept:
:: 
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::  keep-alive..Authorization: NTLM
::  TlRMTVNTUAABB4IIAAA=
:: 
::  13.09.2006 21:50:17 From Remote
::  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
:: 
: 
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
::  629..Content-Type: text/html..Connection: keep-alive..Server:
::  Fastream IQ Reverse ProxyHTMLHEADTITLE401 Authorization
::  ...
:: 
::  13.09.2006 21:50:17 From Local
::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
::  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
::  Firefox/1.5.0.6..Accept:
:: 
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::  keep-alive..Authorization: NTLM
:: 
: 
TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=
:: 
::  13.09.2006 21:50:17 From Remote
::  HTTP/1.1 401 Authorization Required..WWW

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Also the unicode directive enabled, it does not compile! Perhaps that could 
be a cure?!

Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 11:40 AM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Hi Arno,
:
: I also wonder if this could be a lifetime/time zone problem? We are 
GMT+200.
: What is the timeout period of this authentication and did you consider
: different time zones?
:
: Best Regards,
:
: SZ
:
: - Original Message - 
: From: Fastream Technologies [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Thursday, September 14, 2006 11:31 AM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and
: gave
:: no errors/exceptions! But I cannot deploy in this form... ;(
::
:: SZ
::
:: - Original Message - 
:: From: Arno Garrels [EMAIL PROTECTED]
:: To: ICS support mailing twsocket@elists.org
:: Sent: Thursday, September 14, 2006 10:49 AM
:: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::
::
:::I tested with Opera successfully!
:::
::: Change the format string below in order to get a hex display like:
::: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
:::
::: Post the hex value.
:::
:::
:::
::: Fastream Technologies wrote:
:::  Hello,
::: 
:::  With FF, after msg3,
::: 
:::  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
::: pHCtx,
::: @InBuffDesc,
::: ASC_REQ_SEQUENCE_DETECT, //
:::  context requirements
::: SECURITY_NATIVE_DREP,
::: @FHCtx,
::: @OutBuffDesc,
::: ContextAttr,
::: Lifetime);
:::  if Sec  0 then
:::  begin // enters here with Sec = -2^31
:::  {$IFDEF DEBUG_EXCEPTIONS}
:::  raise Exception.CreateFmt('Init context failed: %d',
:::  [Sec]); {$ELSE}
:::  Result := '';
:::  FState := lsDoneErr;
:::  Exit;
:::  {$ENDIF}
:::  end;
::: 
:::  Arno, do you have any idea?
::: 
:::  Best Regards,
::: 
:::  SZ
::: 
:::  - Original Message -
:::  From: Fastream Technologies [EMAIL PROTECTED]
:::  To: ICS support mailing twsocket@elists.org
:::  Sent: Thursday, September 14, 2006 8:20 AM
:::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: 
::: 
:::  Here is the full log:
::: 
:::  FireFox 1.5.0.6:
::: 
:::  13.09.2006 21:50:09 Connection Opened
::: 
:::  13.09.2006 21:50:09 From Local
:::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:::  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:::  Firefox/1.5.0.6..Accept:
::: 
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:::  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:::  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:::  keep-alive
::: 
:::  13.09.2006 21:50:09 From Remote
:::  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-
:::  Length: 629..Content-Type: text/html..Connection: keep-
:::  alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
:::  Authorization ...
::: 
:::  13.09.2006 21:50:17 From Local
:::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:::  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:::  Firefox/1.5.0.6..Accept:
::: 
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:::  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:::  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:::  keep-alive..Authorization: NTLM
:::  TlRMTVNTUAABB4IIAAA=
::: 
:::  13.09.2006 21:50:17 From Remote
:::  HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
::: 
::
: 
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
:::  629..Content-Type: text/html..Connection: keep-alive..Server:
:::  Fastream IQ Reverse ProxyHTMLHEADTITLE401 Authorization
:::  ...
::: 
:::  13.09.2006 21:50:17 From Local
:::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:::  (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:::  Firefox/1.5.0.6..Accept:
::: 
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Also the unicode directive enabled, it does not compile! Perhaps that
 could be a cure?!

No, internally user names, domain names etc. are unicoded anyway.
To enable the unicode versions of the SSPI functions you need to uncomment
both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas. 

 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:40 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hi Arno,
 
 I also wonder if this could be a lifetime/time zone problem? We are
 GMT+200. What is the timeout period of this authentication and did
 you consider different time zones?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:31 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked
 and gave no errors/exceptions! But I cannot deploy in this form...
 ;( 
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 10:49 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 I tested with Opera successfully!
 
 Change the format string below in order to get a hex display like:
 raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
 
 Post the hex value.
 
 
 
 Fastream Technologies wrote:
 Hello,
 
 With FF, after msg3,
 
 Sec := FPSFT^.AcceptSecurityContext(@FHCred,
pHCtx,
@InBuffDesc,
   
 ASC_REQ_SEQUENCE_DETECT, // context requirements
SECURITY_NATIVE_DREP,
@FHCtx,
@OutBuffDesc,
ContextAttr,
Lifetime);
 if Sec  0 then
 begin // enters here with Sec = -2^31
 {$IFDEF DEBUG_EXCEPTIONS}
 raise Exception.CreateFmt('Init context failed: %d',
 [Sec]); {$ELSE}
 Result := '';
 FState := lsDoneErr;
 Exit;
 {$ENDIF}
 end;
 
 Arno, do you have any idea?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 8:20 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Here is the full log:
 
 FireFox 1.5.0.6:
 
 13.09.2006 21:50:09 Connection Opened
 
 13.09.2006 21:50:09 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive
 
 13.09.2006 21:50:09 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate:
 NTLM..Content- Length: 629..Content-Type: text/html..Connection:
 keep- alive..Server: Fastream IQ Reverse
 ProxyHTMLHEADTITLE401 Authorization ...
 
 13.09.2006 21:50:17 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive..Authorization: NTLM
 TlRMTVNTUAABB4IIAAA=
 
 13.09.2006 21:50:17 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
 
 
 
 TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
 629..Content-Type: text/html..Connection: keep-alive..Server:
 Fastream IQ Reverse ProxyHTMLHEADTITLE401 Authorization
 ...
 
 13.09.2006 21:50:17 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Hello,

I found the problem source pinpointed:


if Sec  0 then
begin
{$IFDEF DEBUG_EXCEPTIONS}
Exception.CreateFmt('Init context failed: 0x%x', [Sec]); //
Sec -2146893048 (0x80090308)

{$ELSE}
Result := '';
FState := lsDoneErr;
Exit;
{$ENDIF}
end;

When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works!

Best Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 12:08 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Also the unicode directive enabled, it does not compile! Perhaps that
:  could be a cure?!
:
: No, internally user names, domain names etc. are unicoded anyway.
: To enable the unicode versions of the SSPI functions you need to uncomment
: both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas.
:
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 11:40 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Hi Arno,
: 
:  I also wonder if this could be a lifetime/time zone problem? We are
:  GMT+200. What is the timeout period of this authentication and did
:  you consider different time zones?
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 11:31 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked
:  and gave no errors/exceptions! But I cannot deploy in this form...
:  ;(
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 10:49 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  I tested with Opera successfully!
: 
:  Change the format string below in order to get a hex display like:
:  raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
: 
:  Post the hex value.
: 
: 
: 
:  Fastream Technologies wrote:
:  Hello,
: 
:  With FF, after msg3,
: 
:  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
: pHCtx,
: @InBuffDesc,
: 
:  ASC_REQ_SEQUENCE_DETECT, // context requirements
: SECURITY_NATIVE_DREP,
: @FHCtx,
: @OutBuffDesc,
: ContextAttr,
: Lifetime);
:  if Sec  0 then
:  begin // enters here with Sec = -2^31
:  {$IFDEF DEBUG_EXCEPTIONS}
:  raise Exception.CreateFmt('Init context failed: %d',
:  [Sec]); {$ELSE}
:  Result := '';
:  FState := lsDoneErr;
:  Exit;
:  {$ENDIF}
:  end;
: 
:  Arno, do you have any idea?
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 8:20 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Here is the full log:
: 
:  FireFox 1.5.0.6:
: 
:  13.09.2006 21:50:09 Connection Opened
: 
:  13.09.2006 21:50:09 From Local
:  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
:  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
:  Gecko/20060728 Firefox/1.5.0.6..Accept:
: 
: 
: 
:  
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:  keep-alive
: 
:  13.09.2006 21:50:09 From Remote
:  HTTP/1.1 401 Authorization Required..WWW-Authenticate:
:  NTLM..Content- Length: 629..Content-Type: text/html..Connection:
:  keep- alive..Server: Fastream IQ Reverse
:  ProxyHTMLHEADTITLE401 Authorization ...
: 
:  13.09.2006 21:50:17 From Local
:  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
:  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
:  Gecko/20060728 Firefox/1.5.0.6..Accept:
: 
: 
: 
:  
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:  keep-alive..Authorization: NTLM
:  TlRMTVNTUAABB4IIAAA

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Hi Arno,
 
 I also wonder if this could be a lifetime/time zone problem? We are
 GMT+200. What is the timeout period of this authentication and did
 you consider different time zones?

I do not think so.
Function AcceptSecurityContext (NTLM) is documented here:
http://windowssdk.msdn.microsoft.com/en-us/library/ms717513.aspx

The Timestamp is filled by the security package.
Windows 2000/NT and Windows Me/98/95:  This parameter is not used. Set this 
value to NULL.

I tested on W2k as well as on XP!

 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:31 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked
 and gave no errors/exceptions! But I cannot deploy in this form... ;(
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 10:49 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 I tested with Opera successfully!
 
 Change the format string below in order to get a hex display like:
 raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
 
 Post the hex value.
 
 
 
 Fastream Technologies wrote:
 Hello,
 
 With FF, after msg3,
 
 Sec := FPSFT^.AcceptSecurityContext(@FHCred,
pHCtx,
@InBuffDesc,
   
 ASC_REQ_SEQUENCE_DETECT, // context requirements
SECURITY_NATIVE_DREP,
@FHCtx,
@OutBuffDesc,
ContextAttr,
Lifetime);
 if Sec  0 then
 begin // enters here with Sec = -2^31
 {$IFDEF DEBUG_EXCEPTIONS}
 raise Exception.CreateFmt('Init context failed: %d',
 [Sec]); {$ELSE}
 Result := '';
 FState := lsDoneErr;
 Exit;
 {$ENDIF}
 end;
 
 Arno, do you have any idea?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 8:20 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Here is the full log:
 
 FireFox 1.5.0.6:
 
 13.09.2006 21:50:09 Connection Opened
 
 13.09.2006 21:50:09 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive
 
 13.09.2006 21:50:09 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate:
 NTLM..Content- Length: 629..Content-Type: text/html..Connection:
 keep- alive..Server: Fastream IQ Reverse
 ProxyHTMLHEADTITLE401 Authorization ...
 
 13.09.2006 21:50:17 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive..Authorization: NTLM
 TlRMTVNTUAABB4IIAAA=
 
 13.09.2006 21:50:17 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
 
 
 TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
 629..Content-Type: text/html..Connection: keep-alive..Server:
 Fastream IQ Reverse ProxyHTMLHEADTITLE401 Authorization
 ...
 
 13.09.2006 21:50:17 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
 windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
 keep-alive..Authorization: NTLM
 
 
 TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Stadin, Benjamin
FS, can you try it with FF with the site added to the trusted URIs and NTLM
auto-login enabled?

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
I do not know how to do this in FF. Also, see my previous message as I think 
I found the source of the problem.

What's annoying with the problem is that in Opera, it causes 100% CPU usage 
ON THE SERVER-SIDE--typical DoS.

Best Regards,

SZ

- Original Message - 
From: Stadin, Benjamin [EMAIL PROTECTED]
To: twsocket@elists.org
Sent: Thursday, September 14, 2006 12:37 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: FS, can you try it with FF with the site added to the trusted URIs and 
NTLM
: auto-login enabled?
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Now it gives SEC_E_LOGON_DENIED. :(

Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 12:30 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Hello,
:
: I found the problem source pinpointed:
:
:
: if Sec  0 then
:begin
:{$IFDEF DEBUG_EXCEPTIONS}
:Exception.CreateFmt('Init context failed: 0x%x', [Sec]); //
: Sec -2146893048 (0x80090308)
:
:{$ELSE}
:Result := '';
:FState := lsDoneErr;
:Exit;
:{$ENDIF}
:end;
:
: When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works!
:
: Best Regards,
:
: SZ
:
: - Original Message - 
: From: Arno Garrels [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Thursday, September 14, 2006 12:08 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Fastream Technologies wrote:
::  Also the unicode directive enabled, it does not compile! Perhaps that
::  could be a cure?!
::
:: No, internally user names, domain names etc. are unicoded anyway.
:: To enable the unicode versions of the SSPI functions you need to 
uncomment
:: both defines in OverbyteIcsNtlmSsp.pas as well as in OverbyteIcsSspi.pas.
::
:: 
::  Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Fastream Technologies [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 11:40 AM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Hi Arno,
:: 
::  I also wonder if this could be a lifetime/time zone problem? We are
::  GMT+200. What is the timeout period of this authentication and did
::  you consider different time zones?
:: 
::  Best Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Fastream Technologies [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 11:31 AM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked
::  and gave no errors/exceptions! But I cannot deploy in this form...
::  ;(
:: 
::  SZ
:: 
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 10:49 AM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  I tested with Opera successfully!
:: 
::  Change the format string below in order to get a hex display like:
::  raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
:: 
::  Post the hex value.
:: 
:: 
:: 
::  Fastream Technologies wrote:
::  Hello,
:: 
::  With FF, after msg3,
:: 
::  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
:: pHCtx,
:: @InBuffDesc,
:: 
::  ASC_REQ_SEQUENCE_DETECT, // context requirements
:: SECURITY_NATIVE_DREP,
:: @FHCtx,
:: @OutBuffDesc,
:: ContextAttr,
:: Lifetime);
::  if Sec  0 then
::  begin // enters here with Sec = -2^31
::  {$IFDEF DEBUG_EXCEPTIONS}
::  raise Exception.CreateFmt('Init context failed: %d',
::  [Sec]); {$ELSE}
::  Result := '';
::  FState := lsDoneErr;
::  Exit;
::  {$ENDIF}
::  end;
:: 
::  Arno, do you have any idea?
:: 
::  Best Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Fastream Technologies [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 8:20 AM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Here is the full log:
:: 
::  FireFox 1.5.0.6:
:: 
::  13.09.2006 21:50:09 Connection Opened
:: 
::  13.09.2006 21:50:09 From Local
::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
::  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
::  Gecko/20060728 Firefox/1.5.0.6..Accept:
:: 
:: 
:: 
:: 
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::  en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::  windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::  keep-alive
:: 
::  13.09.2006 21:50:09 From Remote
::  HTTP/1.1 401 Authorization Required..WWW-Authenticate:
::  NTLM..Content- Length: 629..Content-Type: text/html..Connection:
::  keep- alive..Server: Fastream IQ Reverse
::  ProxyHTMLHEADTITLE401 Authorization ...
:: 
::  13.09.2006 21:50:17 From Local
::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
::  Mozilla/5.0

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Latest report: when I used the Administrator account of Windows, it worked! 
:) So I am beginning to think this is a problem with security policies of 
some Windows.

Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 1:15 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Now it gives SEC_E_LOGON_DENIED. :(
:
: Regards,
:
: SZ
:
: - Original Message - 
: From: Fastream Technologies [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Thursday, September 14, 2006 12:30 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Hello,
::
:: I found the problem source pinpointed:
::
::
:: if Sec  0 then
::begin
::{$IFDEF DEBUG_EXCEPTIONS}
::Exception.CreateFmt('Init context failed: 0x%x', [Sec]); //
:: Sec -2146893048 (0x80090308)
::
::{$ELSE}
::Result := '';
::FState := lsDoneErr;
::Exit;
::{$ENDIF}
::end;
::
:: When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works!
::
:: Best Regards,
::
:: SZ
::
:: - Original Message - 
:: From: Arno Garrels [EMAIL PROTECTED]
:: To: ICS support mailing twsocket@elists.org
:: Sent: Thursday, September 14, 2006 12:08 PM
:: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::
::
::: Fastream Technologies wrote:
:::  Also the unicode directive enabled, it does not compile! Perhaps that
:::  could be a cure?!
:::
::: No, internally user names, domain names etc. are unicoded anyway.
::: To enable the unicode versions of the SSPI functions you need to
: uncomment
::: both defines in OverbyteIcsNtlmSsp.pas as well as in 
OverbyteIcsSspi.pas.
:::
::: 
:::  Regards,
::: 
:::  SZ
::: 
:::  - Original Message -
:::  From: Fastream Technologies [EMAIL PROTECTED]
:::  To: ICS support mailing twsocket@elists.org
:::  Sent: Thursday, September 14, 2006 11:40 AM
:::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: 
::: 
:::  Hi Arno,
::: 
:::  I also wonder if this could be a lifetime/time zone problem? We are
:::  GMT+200. What is the timeout period of this authentication and did
:::  you consider different time zones?
::: 
:::  Best Regards,
::: 
:::  SZ
::: 
:::  - Original Message -
:::  From: Fastream Technologies [EMAIL PROTECTED]
:::  To: ICS support mailing twsocket@elists.org
:::  Sent: Thursday, September 14, 2006 11:31 AM
:::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: 
::: 
:::  It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked
:::  and gave no errors/exceptions! But I cannot deploy in this form...
:::  ;(
::: 
:::  SZ
::: 
:::  - Original Message -
:::  From: Arno Garrels [EMAIL PROTECTED]
:::  To: ICS support mailing twsocket@elists.org
:::  Sent: Thursday, September 14, 2006 10:49 AM
:::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: 
::: 
:::  I tested with Opera successfully!
::: 
:::  Change the format string below in order to get a hex display like:
:::  raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
::: 
:::  Post the hex value.
::: 
::: 
::: 
:::  Fastream Technologies wrote:
:::  Hello,
::: 
:::  With FF, after msg3,
::: 
:::  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
::: pHCtx,
::: @InBuffDesc,
::: 
:::  ASC_REQ_SEQUENCE_DETECT, // context requirements
::: SECURITY_NATIVE_DREP,
::: @FHCtx,
::: @OutBuffDesc,
::: ContextAttr,
::: Lifetime);
:::  if Sec  0 then
:::  begin // enters here with Sec = -2^31
:::  {$IFDEF DEBUG_EXCEPTIONS}
:::  raise Exception.CreateFmt('Init context failed: %d',
:::  [Sec]); {$ELSE}
:::  Result := '';
:::  FState := lsDoneErr;
:::  Exit;
:::  {$ENDIF}
:::  end;
::: 
:::  Arno, do you have any idea?
::: 
:::  Best Regards,
::: 
:::  SZ
::: 
:::  - Original Message -
:::  From: Fastream Technologies [EMAIL PROTECTED]
:::  To: ICS support mailing twsocket@elists.org
:::  Sent: Thursday, September 14, 2006 8:20 AM
:::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: 
::: 
:::  Here is the full log:
::: 
:::  FireFox 1.5.0.6:
::: 
:::  13.09.2006 21:50:09 Connection Opened
::: 
:::  13.09.2006 21:50:09 From Local
:::  GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
:::  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
:::  Gecko/20060728 Firefox/1.5.0.6..Accept:
::: 
::: 
::: 
::: 
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Latest report: when I used the Administrator account of Windows, it
 worked! :) So I am beginning to think this is a problem with security
 policies of some Windows.

Yesterday I tested on a out-of-the-box, new XP SP2 installation, since
this box had a hd crash :( Yes, there are policies dealing with NTLM,
maybe you tweaked them? 

Anyway provide us a Ethereal logfile. Ethereal
does a great job parsing the various NTLM messages!

---
Arno Garrels [TeamICS]
http://www.overbyte.be/eng/overbyte/teamics.html
 

 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 1:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Now it gives SEC_E_LOGON_DENIED. :(
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 12:30 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hello,
 
 I found the problem source pinpointed:
 
 
 if Sec  0 then
begin
{$IFDEF DEBUG_EXCEPTIONS}
Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
 // Sec -2146893048 (0x80090308)
 
{$ELSE}
Result := '';
FState := lsDoneErr;
Exit;
{$ENDIF}
end;
 
 When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so
 works! 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 12:08 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Also the unicode directive enabled, it does not compile! Perhaps
 that could be a cure?!
 
 No, internally user names, domain names etc. are unicoded anyway.
 To enable the unicode versions of the SSPI functions you need to
 uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in
 OverbyteIcsSspi.pas. 
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:40 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hi Arno,
 
 I also wonder if this could be a lifetime/time zone problem? We
 are GMT+200. What is the timeout period of this authentication
 and did you consider different time zones?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:31 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 It is very strange that when I enabled DEBUG_EXCEPTIONS, it
 worked and gave no errors/exceptions! But I cannot deploy in
 this form... ;(
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 10:49 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 I tested with Opera successfully!
 
 Change the format string below in order to get a hex display
 like: raise Exception.CreateFmt('Init context failed: 0x%x',
 [Sec]); 
 
 Post the hex value.
 
 
 
 Fastream Technologies wrote:
 Hello,
 
 With FF, after msg3,
 
 Sec := FPSFT^.AcceptSecurityContext(@FHCred,
pHCtx,
@InBuffDesc,
 
 ASC_REQ_SEQUENCE_DETECT, // context requirements
   
 SECURITY_NATIVE_DREP,
 @FHCtx,   
 @OutBuffDesc,   
 ContextAttr,   
 Lifetime); if Sec  0 then
 begin // enters here with Sec = -2^31
 {$IFDEF DEBUG_EXCEPTIONS}
 raise Exception.CreateFmt('Init context failed:
 %d', [Sec]); {$ELSE}
 Result := '';
 FState := lsDoneErr;
 Exit;
 {$ENDIF}
 end;
 
 Arno, do you have any idea?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 8:20 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 Here is the full log:
 
 FireFox 1.5.0.6:
 
 13.09.2006 21:50:09 Connection Opened
 
 13.09.2006 21:50:09 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 
 
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Also even with IE6XP, POST does not work under my reverse proxy whereas it 
works with Digest. Digest also has a 3-message mechanism. Did you test with 
POST??

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 1:48 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Latest report: when I used the Administrator account of Windows, it
:  worked! :) So I am beginning to think this is a problem with security
:  policies of some Windows.
:
: Yesterday I tested on a out-of-the-box, new XP SP2 installation, since
: this box had a hd crash :( Yes, there are policies dealing with NTLM,
: maybe you tweaked them?
:
: Anyway provide us a Ethereal logfile. Ethereal
: does a great job parsing the various NTLM messages!
:
: ---
: Arno Garrels [TeamICS]
: http://www.overbyte.be/eng/overbyte/teamics.html
:
:
:
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 1:15 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Now it gives SEC_E_LOGON_DENIED. :(
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 12:30 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Hello,
: 
:  I found the problem source pinpointed:
: 
: 
:  if Sec  0 then
: begin
: {$IFDEF DEBUG_EXCEPTIONS}
: Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
:  // Sec -2146893048 (0x80090308)
: 
: {$ELSE}
: Result := '';
: FState := lsDoneErr;
: Exit;
: {$ENDIF}
: end;
: 
:  When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so
:  works!
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 12:08 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  Also the unicode directive enabled, it does not compile! Perhaps
:  that could be a cure?!
: 
:  No, internally user names, domain names etc. are unicoded anyway.
:  To enable the unicode versions of the SSPI functions you need to
:  uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in
:  OverbyteIcsSspi.pas.
: 
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 11:40 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Hi Arno,
: 
:  I also wonder if this could be a lifetime/time zone problem? We
:  are GMT+200. What is the timeout period of this authentication
:  and did you consider different time zones?
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 11:31 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  It is very strange that when I enabled DEBUG_EXCEPTIONS, it
:  worked and gave no errors/exceptions! But I cannot deploy in
:  this form... ;(
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 10:49 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
:  question)
: 
: 
:  I tested with Opera successfully!
: 
:  Change the format string below in order to get a hex display
:  like: raise Exception.CreateFmt('Init context failed: 0x%x',
:  [Sec]);
: 
:  Post the hex value.
: 
: 
: 
:  Fastream Technologies wrote:
:  Hello,
: 
:  With FF, after msg3,
: 
:  Sec := FPSFT^.AcceptSecurityContext(@FHCred,
: pHCtx,
: @InBuffDesc,
: 
:  ASC_REQ_SEQUENCE_DETECT, // context requirements
: 
:  SECURITY_NATIVE_DREP,
:  @FHCtx,
:  @OutBuffDesc,
:  ContextAttr,
:  Lifetime); if Sec  0 then
:  begin // enters here with Sec = -2^31
:  {$IFDEF DEBUG_EXCEPTIONS}
:  raise Exception.CreateFmt('Init context failed:
:  %d', [Sec]); {$ELSE}
:  Result := '';
:  FState := lsDoneErr;
:  Exit;
:  {$ENDIF}
:  end;
: 
:  Arno, do you have any idea?
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 8:20 AM
:  Subject: Re: [twsocket] Fw: Urgent

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Maurizio Lotauro
Scrive Fastream Technologies [EMAIL PROTECTED]:

 Here is the full log:

How are these logs created? I asked for ethereal logs because it decode the 
NTLM message, so we can see what domain and username will send by each client 
(you can do this yourself).
Both browser asking for credential or only FF?
One thing that I noticed is that IE send a cookie even in the first request.


Bye, Maurizio.


This mail has been sent using Alpikom webmail system
http://www.alpikom.it

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Arno Garrels wrote:
 Fastream Technologies wrote:
 Latest report: when I used the Administrator account of Windows, it
 worked! :) So I am beginning to think this is a problem with security
 policies of some Windows.
 
 Yesterday I tested on a out-of-the-box, new XP SP2 installation, since
 this box had a hd crash :( Yes, there are policies dealing with NTLM,
 maybe you tweaked them?

Also check your registry, play with the values.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

lmcompatibilitylevel=dword n
LmCompatibilityLevel settings
The LmCompatibilityLevel registry entry can be configured with the following 
values: . LmCompatibilityLevel value of 0: Send LAN Manager (LM) response and 
NTLM response; never use NTLM version 2 (NTLMv2) session security. Clients use 
LM and NTLM authentication, and never use NTLMv2 session security; domain 
controllers accept LM, NTLM, and NTLMv2 authentication. 
  . LmCompatibilityLevel value of 1: Use NTLMv2 session security, if 
negotiated. Clients use LM and NTLM authentication, and use NTLMv2 session 
security if the server supports it; domain controllers accept LM, NTLM, and 
NTLMv2 authentication.  
  . LmCompatibilityLevel value of 2: Send NTLM response only. Clients use 
only NTLM authentication, and use NTLMv2 session security if the server 
supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication. 
  . LmCompatibilityLevel value of 3: Send NTLMv2 response only. Clients use 
NTLMv2 authentication, and use NTLMv2 session security if the server supports 
it; domain controllers accept LM, NTLM, and NTLMv2 authentication. 
  . LmCompatibilityLevel value of 4: (Server Only) - Domain controllers 
refuse LM responses. Clients use NTLM authentication, and use NTLMv2 session 
security if the server supports it; domain controllers refuse LM 
authentication, and accept NTLM and NTLMv2 authentication. 
  . LmCompatibilityLevel value of 5: (Server Only) - Domain controllers 
refuse LM and NTLM responses, and accept only NTLMv2 responses. Clients use 
NTLMv2 authentication, use NTLMv2 session security if the server supports it; 
domain controllers refuse NTLM and LM authentication, and accept only NTLMv2 
authentication. 


 
 Anyway provide us a Ethereal logfile. Ethereal
 does a great job parsing the various NTLM messages!
 
 ---
 Arno Garrels [TeamICS]
 http://www.overbyte.be/eng/overbyte/teamics.html
 
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 1:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Now it gives SEC_E_LOGON_DENIED. :(
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 12:30 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hello,
 
 I found the problem source pinpointed:
 
 
 if Sec  0 then
begin
{$IFDEF DEBUG_EXCEPTIONS}
Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
 // Sec -2146893048 (0x80090308)
 
{$ELSE}
Result := '';
FState := lsDoneErr;
Exit;
{$ENDIF}
end;
 
 When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so
 works!
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 12:08 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Also the unicode directive enabled, it does not compile! Perhaps
 that could be a cure?!
 
 No, internally user names, domain names etc. are unicoded anyway.
 To enable the unicode versions of the SSPI functions you need to
 uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in
 OverbyteIcsSspi.pas.
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:40 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hi Arno,
 
 I also wonder if this could be a lifetime/time zone problem? We
 are GMT+200. What is the timeout period of this authentication
 and did you consider different time zones?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:31 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 It is very strange that when I enabled DEBUG_EXCEPTIONS, it
 worked and gave no errors/exceptions! But I cannot deploy in
 this form... ;(
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Ethereal does not work on localhost!! I put together these logs using 
socketspy.

IE does not ask for credentials until you press POST then it begins not 
accepting even the administrator password! Opera gets the server go 100% 
CPU. FF only accepts administrator password.

Regards,

SZ

- Original Message - 
From: Maurizio Lotauro [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 2:02 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Scrive Fastream Technologies [EMAIL PROTECTED]:
:
:  Here is the full log:
:
: How are these logs created? I asked for ethereal logs because it decode 
the
: NTLM message, so we can see what domain and username will send by each 
client
: (you can do this yourself).
: Both browser asking for credential or only FF?
: One thing that I noticed is that IE send a cookie even in the first 
request.
:
:
: Bye, Maurizio.
:
: 
: This mail has been sent using Alpikom webmail system
: http://www.alpikom.it
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Arno Garrels wrote:
 Arno Garrels wrote:
 Fastream Technologies wrote:
 Latest report: when I used the Administrator account of Windows, it
 worked! :) So I am beginning to think this is a problem with
 security policies of some Windows.
 
 Yesterday I tested on a out-of-the-box, new XP SP2 installation,
 since this box had a hd crash :( Yes, there are policies dealing
 with NTLM, maybe you tweaked them?
 
 Also check your registry, play with the values.
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
 
 lmcompatibilitylevel=dword n

Forgot to say that factory default is 0.
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Yes it is 0 here as well!

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 2:13 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Arno Garrels wrote:
:  Arno Garrels wrote:
:  Fastream Technologies wrote:
:  Latest report: when I used the Administrator account of Windows, it
:  worked! :) So I am beginning to think this is a problem with
:  security policies of some Windows.
:  
:  Yesterday I tested on a out-of-the-box, new XP SP2 installation,
:  since this box had a hd crash :( Yes, there are policies dealing
:  with NTLM, maybe you tweaked them?
:  
:  Also check your registry, play with the values.
:  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
:  
:  lmcompatibilitylevel=dword n
: 
: Forgot to say that factory default is 0.
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Maurizio Lotauro
Scrive Fastream Technologies [EMAIL PROTECTED]:

 Ethereal does not work on localhost!! I put together these logs using 
 socketspy.

I think that if you want to know if your application works you should 
reproduce a real environment. Will your reverse proxy run on a real server 
or on the same pc of the client?
Not to mention how ethereal help to detectd the differences between clients.


Bye, Maurizio.



This mail has been sent using Alpikom webmail system
http://www.alpikom.it

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Even IE6 does not work with HTTP POST under NTLM!

I have setup a server and will try on that.

Regards,

SZ

- Original Message - 
From: Maurizio Lotauro [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 2:33 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Scrive Fastream Technologies [EMAIL PROTECTED]:
:
:  Ethereal does not work on localhost!! I put together these logs using
:  socketspy.
:
: I think that if you want to know if your application works you should
: reproduce a real environment. Will your reverse proxy run on a real 
server
: or on the same pc of the client?
: Not to mention how ethereal help to detectd the differences between 
clients.
:
:
: Bye, Maurizio.
:
:
: 
: This mail has been sent using Alpikom webmail system
: http://www.alpikom.it
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
I uploaded a new version, added error logging to the demo and
fixed some minor bugs. EXE is also included.
http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip
Though it won't fix the problem.  


Fastream Technologies wrote:
 Yes it is 0 here as well!
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 2:13 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Arno Garrels wrote:
 Arno Garrels wrote:
 Fastream Technologies wrote:
 Latest report: when I used the Administrator account of Windows,
 it worked! :) So I am beginning to think this is a problem with
 security policies of some Windows.
 
 Yesterday I tested on a out-of-the-box, new XP SP2 installation,
 since this box had a hd crash :( Yes, there are policies dealing
 with NTLM, maybe you tweaked them?
 
 Also check your registry, play with the values.
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
 
 lmcompatibilitylevel=dword n
 
 Forgot to say that factory default is 0.
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Even IE6 does not work with HTTP POST under NTLM!
 
 I have setup a server and will try on that.

In the first place we should make the demo working,
so we can be sure the problem is not in your proxy
code.

Why does it work on my boxes with the same browsers,
why does it not work at Fastream? That's the big
question, I cannot answer currently. One of my boxes
is pretty slow one is really fast.


 
 Regards,
 
 SZ
 
 - Original Message -
 From: Maurizio Lotauro [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 2:33 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Scrive Fastream Technologies [EMAIL PROTECTED]:
 
 Ethereal does not work on localhost!! I put together these logs
 using socketspy.
 
 I think that if you want to know if your application works you should
 reproduce a real environment. Will your reverse proxy run on a
 real server or on the same pc of the client?
 Not to mention how ethereal help to detectd the differences between
 clients. 
 
 
 Bye, Maurizio.
 
 
 
 This mail has been sent using Alpikom webmail system
 http://www.alpikom.it
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Latest report: when I used the Administrator account of Windows, it
 worked! :) So I am beginning to think this is a problem with security
 policies of some Windows.

Also turn on eventlog, monitor the security events.

 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 1:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Now it gives SEC_E_LOGON_DENIED. :(
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 12:30 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hello,
 
 I found the problem source pinpointed:
 
 
 if Sec  0 then
begin
{$IFDEF DEBUG_EXCEPTIONS}
Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
 // Sec -2146893048 (0x80090308)
 
{$ELSE}
Result := '';
FState := lsDoneErr;
Exit;
{$ENDIF}
end;
 
 When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so
 works! 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 12:08 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Also the unicode directive enabled, it does not compile! Perhaps
 that could be a cure?!
 
 No, internally user names, domain names etc. are unicoded anyway.
 To enable the unicode versions of the SSPI functions you need to
 uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in
 OverbyteIcsSspi.pas. 
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:40 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Hi Arno,
 
 I also wonder if this could be a lifetime/time zone problem? We
 are GMT+200. What is the timeout period of this authentication
 and did you consider different time zones?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 11:31 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 It is very strange that when I enabled DEBUG_EXCEPTIONS, it
 worked and gave no errors/exceptions! But I cannot deploy in
 this form... ;(
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 10:49 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 I tested with Opera successfully!
 
 Change the format string below in order to get a hex display
 like: raise Exception.CreateFmt('Init context failed: 0x%x',
 [Sec]); 
 
 Post the hex value.
 
 
 
 Fastream Technologies wrote:
 Hello,
 
 With FF, after msg3,
 
 Sec := FPSFT^.AcceptSecurityContext(@FHCred,
pHCtx,
@InBuffDesc,
 
 ASC_REQ_SEQUENCE_DETECT, // context requirements
   
 SECURITY_NATIVE_DREP,
 @FHCtx,   
 @OutBuffDesc,   
 ContextAttr,   
 Lifetime); if Sec  0 then
 begin // enters here with Sec = -2^31
 {$IFDEF DEBUG_EXCEPTIONS}
 raise Exception.CreateFmt('Init context failed:
 %d', [Sec]); {$ELSE}
 Result := '';
 FState := lsDoneErr;
 Exit;
 {$ENDIF}
 end;
 
 Arno, do you have any idea?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 8:20 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 Here is the full log:
 
 FireFox 1.5.0.6:
 
 13.09.2006 21:50:09 Connection Opened
 
 13.09.2006 21:50:09 From Local
 GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
 Gecko/20060728 Firefox/1.5.0.6..Accept:
 
 
 
 
 
 
 text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-
 Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive:
 300..Connection: keep-alive
 
 13.09.2006 21:50:09 From Remote
 HTTP/1.1 401 Authorization Required..WWW-Authenticate:
 NTLM..Content- Length: 629..Content-Type:
 text/html..Connection: keep- alive

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
/html
Connection: close
Server: Fastream IQ Reverse Proxy

HTMLHEADTITLE401 Authorization Required/TITLE/HEADBODYFONT 
FACE=VerdanaH1Authorization Required/H1BRThis server could not 
verify that you are authorized to access the document requested. Either you 
supplied the wrong credentials (e.g. bad password), or your browser doesn't 
understand how to supply the credentials required. You may want to contact 
the server administrator here: A 
HREF=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/A.PBRHRIBFastream 
IQ Reverse Proxy/BBRA 
HREF=http://www.fastream.com/IQReverseProxy/;www.fastream.com/IQReverseProxy/A/IHR/FONT/BODY/HTML€E
 
E 6   6ØÍ•@ v÷êË E  (Õ@@ € 8À¨À¨ P–ȹ¿_ùø£IPüaÙ  €E Eó  
v÷êË [EMAIL PROTECTED] E  (-š@ €GßÀ¨À¨– Pùø£Iȹ¿_PüæT€E 
E  
v÷êË [EMAIL PROTECTED] E  (-›@ €GŞÀ¨À¨– Pùø£Jȹ¿`PüæS€E 
E5 6 
6ØÍ•@ v÷êË E  (ÕA@ € 7À¨À¨ P–ȹ¿`ùø£JPüaØ  ‚E E .   .    
^ÿú v÷êË F   ÕF  œìÀ¨ïÿÿú”   úïÿÿú‡E Ed
    ^   ¿[Aw E  #  À¨à  dî›  @ t¸ÂÏ.jZUl‰E E©/ 
.   .    ^ÿú v÷êË F   ÕG  œëÀ¨ïÿÿú”   úïÿÿúŠE E¥v÷êË 
[EMAIL PROTECTED] E  0-œ@ €GÕÀ¨À¨— Ph¸€pÿÿ×[  ´ŠE Eü 
ØÍ•@ v÷êË E  0ÕH@ € (À¨À¨ P—äh¸pÿÿ‚K  ´ŠE E¥ 
v÷êË [EMAIL PROTECTED] E  (-ž@ €GÛÀ¨À¨— Ph¸äPÿÿ¯ŠE Eƒ 
ú  ú 
v÷êË [EMAIL PROTECTED] E ì-Ÿ@ €EÀ¨À¨— Ph¸äPÿÿÇ4  POST / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, 
application/x-shockwave-flash, application/vnd.ms-excel, 
application/vnd.ms-powerpoint, application/msword, */*
Referer: http://fastream.homeip.net/
Accept-Language: tr,en-us;q=0.5
Content-Type: multipart/form-data; 
boundary=---7d637af120086
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 
1.1.4322)
Host: fastream.homeip.net
Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D
Connection: Keep-Alive
Cache-Control: no-cache
Authorization: NTLM TlRMTVNTUAABB4IIogAFASgKDw==
Content-Length: 0

ŠE E2L      ØÍ•@ v÷êË E ùÕI@ €œ^À¨À¨ P—äh»EPı;å7 
HTTP/1.1 401 Authorization Required
WWW-Authenticate: NTLM 
TlRMTVNTUAACDAAMADgFgoqin8sAeAp+szUAAEQARABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAH==
Content-Length: 629
Content-Type: text/html
Connection: close
Server: Fastream IQ Reverse Proxy

HTMLHEADTITLE401 Authorization Required/TITLE/HEADBODYFONT 
FACE=VerdanaH1Authorization Required/H1BRThis server could not 
verify that you are authorized to access the document requested. Either you 
supplied the wrong credentials (e.g. bad password), or your browser doesn't 
understand how to supply the credentials required. You may want to contact 
the server administrator here: A 
HREF=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/A.PBRHRIBFastream 
IQ Reverse Proxy/BBRA 
HREF=http://www.fastream.com/IQReverseProxy/;www.fastream.com/IQReverseProxy/A/IHR/FONT/BODY/HTMLŠE
 
E.M 6   6ØÍ•@ v÷êË E  (ÕJ@ € .À¨À¨ P—ä?íh»EPı;«=  ŠE EON  
v÷êË [EMAIL PROTECTED] E  (-¡@ €GØÀ¨À¨— Ph»Eä?îPü.¬JŠE 
E˜P ° 
°   v÷êË [EMAIL PROTECTED] E ¢-¢@ €D]À¨À¨— Ph»Eä?îPü.ì¦  POST / 
HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, 
application/x-shockwave-flash, application/vnd.ms-excel, 
application/vnd.ms-powerpoint, application/msword, */*
Referer: http://fastream.homeip.net/
Accept-Language: tr,en-us;q=0.5
Content-Type: multipart/form-data; 
boundary=---7d637af120086
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 
1.1.4322)
Host: fastream.homeip.net
Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D
Connection: Keep-Alive
Cache-Control: no-cache
Authorization: NTLM 
TlRMTVNTUAADGAAYAIAYABgAmAwADABIGgAaAFQSABIAbgCwBYKIogUBKAoPbABhAHAAdABvAHAAYQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBCAEwAQQBDAEsASABBAFcASwDfkLizRDmqUgDDlsa6UMs01Ep9zIP4BKpkzVT2V7CiC4A=
Content-Length: 194

ŠE E^Q ø   øv÷êË [EMAIL PROTECTED] E  ê-£@ €GÀ¨À¨— 
h¾¿ä?îPü.¾  -7d637af120086
Content-Disposition: form-data; name=upfile; filename=
Content-Type: application/octet-stream


-7d637af120086--
ŠE E|Q 6   6ØÍ•@ v÷êË E  (ÕK@ € -À¨À¨ P—ä?îh¿Pÿÿ¤=  ŠE 
EÃQv÷êË [EMAIL PROTECTED] E  (-¤@ €GÕÀ¨À¨— Ph¿ä?îPü.¨
ŠE EæQ 6   6ØÍ•@ v÷êË E  (ÕL@ € ,À¨À¨ P—ä?îh¿‚Pÿÿ¤

- Original Message - 
From: Stadin, Benjamin [EMAIL PROTECTED]
To: twsocket@elists.org
Sent: Thursday, September 14, 2006 3:05 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


:I said that several times. You must

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Basicallly the ntlmmessage = NULL where it must not be--ethereal calls this 
malformed header!!!

Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:15 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Ok I recreated the user a with a non-null pwd and it worked. BUT POST 
does
: not work in ANY browser! Never authenticates. This is the Ethereal dump:
:
: ÃÃf²¡  ÿÿ     â,¬E E¬D ú  ú   v÷êà [EMAIL PROTECTED] 
E 
ì-@ â,¬EÃ?¨Ã?¨â?o
: PqÃfAâ?¦h7õµPÿÿX]  POST / HTTP/1.1
: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
: application/x-shockwave-flash, application/vnd.ms-excel,
: application/vnd.ms-powerpoint, application/msword, */*
: Referer: http://fastream.homeip.net/
: Accept-Language: tr,en-us;q=0.5
: Content-Type: multipart/form-data;
: boundary=---7d637af120086
: UA-CPU: x86
: Accept-Encoding: gzip, deflate
: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
: 1.1.4322)
: Host: fastream.homeip.net
: Connection: Keep-Alive
: Cache-Control: no-cache
: Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D
: Authorization: NTLM 
TlRMTVNTUAABB4IIogAFASgKDw==
: Content-Length: 0
:
: â,¬E EÃL      Ã~Íâ?¢@ v֐à E ùÃ.6@ â,¬ÅqÃ?¨Ã?¨ 
Pâ?oh7õµqÃfDIPÿÿâ
: HTTP/1.1 401 Authorization Required
: WWW-Authenticate: NTLM
: 
TlRMTVNTUAACDAAMADgFgoqioCqv9v7MM+EAAEQARABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAH==
: Content-Length: 629
: Content-Type: text/html
: Connection: close
: Server: Fastream IQ Reverse Proxy
:
: HTMLHEADTITLE401 Authorization Required/TITLE/HEADBODYFONT
: FACE=VerdanaH1Authorization Required/H1BRThis server could not
: verify that you are authorized to access the document requested. Either 
you
: supplied the wrong credentials (e.g. bad password), or your browser 
doesn't
: understand how to supply the credentials required. You may want to contact
: the server administrator here: A
: 
HREF=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/A.PBRHRIBFastream
: IQ Reverse Proxy/BBRA
: 
HREF=http://www.fastream.com/IQReverseProxy/;www.fastream.com/IQReverseProxy/A/IHR/FONT/BODY/HTMLâ,¬E
: EøM 6   6Ã~Íâ?¢@ v֐à E  (Ã.7@ â,¬ AÃ?¨Ã?¨ Pâ?oh7ùâ? 
qÃfDIPÿÿ Ï  â,¬E EÅ N 
: v÷êà [EMAIL PROTECTED] E  (-â?~@ â,¬GèÃ?¨Ã?¨â?o 
PqÃfDIh7ùâ?¡Pü. â,¬E E¸Q Ã
: à   v÷êà [EMAIL PROTECTED] E Ã?-â?T@ â,¬DIÃ?¨Ã?¨â?o 
PqÃfDIh7ùâ?¡Pü.âr  POST / HTTP/1.1
: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
: application/x-shockwave-flash, application/vnd.ms-excel,
: application/vnd.ms-powerpoint, application/msword, */*
: Referer: http://fastream.homeip.net/
: Accept-Language: tr,en-us;q=0.5
: Content-Type: multipart/form-data;
: boundary=---7d637af120086
: UA-CPU: x86
: Accept-Encoding: gzip, deflate
: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
: 1.1.4322)
: Host: fastream.homeip.net
: Content-Length: 194
: Connection: Keep-Alive
: Cache-Control: no-cache
: Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D
: Authorization: NTLM
: 
TlRMTVNTUAADGAAYAJoYABgAsgAAACYAJgBIGgAaAG4SABIAiADKBYKIogUBKAoPZgBhAHMAdAByAGUAYQBtAC4AaABvAG0AZQBpAHAALgBuAGUAdABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAEIATABBAEMASwBIAEEAVwBLAN96CsZ+Wo0dAMMFoduSgerudny+MJHuX4KJKkWtO+xVNg==
:
: â,¬E ER ø   øv÷êà [EMAIL PROTECTED] E  ê-â?o@ 
â,¬G$Ã?¨Ã?¨â?o
: qÃfGçh7ùâ?¡Pü.A  -7d637af120086
: Content-Disposition: form-data; name=upfile; filename=
: Content-Type: application/octet-stream
:
:
: -7d637af120086--
: â,¬E E7R 6   6Ã~Íâ?¢@ v֐à E  (Ã.8@ â,¬ @Ã?¨Ã?¨ 
Pâ?oh7ùâ?¡qÃfH©PûŸ Ï  â,¬E
: ESv÷êà [EMAIL PROTECTED] E  (-â?@ â,¬GÃ¥Ã?¨Ã?¨â?o 
PqÃfH©h7ùâ?¡Pü. ?â,¬E
: E?S 6   6Ã~Íâ?¢@ v֐à E  (Ã.9@ â,¬ ?Ã?¨Ã?¨ 
Pâ?oh7ùâ?¡qÃfHªPûŸ Î  â,¬E EžT 
: v÷êà [EMAIL PROTECTED] E  0-â?¢@ â,¬GÃoÃ?¨Ã?¨â? PùøŸª 
pÿÿ^?  ´â,¬E EÃ'T 
: Ã~Íâ?¢@ v֐à E  0Ã.:@ â,¬ 6Ã?¨Ã?¨ 
Pâ?Ã^¹¼EùøŸ«pÿÿÃT.  ´â,¬E EqU 
: v÷êà [EMAIL PROTECTED] E  (-â?@ â,¬GâÃ?¨Ã?¨â? 
PùøŸ«Ã^¹¼FPÿÿóâ,¬E EaV Ã
: à   v÷êà [EMAIL PROTECTED] E Ã?-Ëo@ â,¬DCÃ?¨Ã?¨â? 
PùøŸ«Ã^¹¼FPÿÿÃ-Ã.  POST / HTTP/1.1
: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
: application/x-shockwave-flash, application/vnd.ms-excel,
: application/vnd.ms-powerpoint, application/msword, */*
: Referer: http://fastream.homeip.net/
: Accept-Language: tr,en-us;q=0.5
: Content-Type: multipart/form-data

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
I just noticed that Ethereal cannot dump the protocol insight. :( Or maybe 
there is a way??

Arno, I think you will need to use the POST demo together with NTLM to test 
against.

Benjamin, thanks for the empty password idea!

Best Regards,

SubZero

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:22 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


Basicallly the ntlmmessage = NULL where it must not be--ethereal calls this
malformed header!!!

Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:15 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Ok I recreated the user a with a non-null pwd and it worked. BUT POST
does
: not work in ANY browser! Never authenticates. This is the Ethereal dump:
:
: ÃÃf²¡  ÿÿ     â,¬E E¬D ú  ú   v÷êà [EMAIL PROTECTED] 
E
ì-@ â,¬EÃ?¨Ã?¨â?o
: PqÃfAâ?¦h7õµPÿÿX]  POST / HTTP/1.1
: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
: application/x-shockwave-flash, application/vnd.ms-excel,
: application/vnd.ms-powerpoint, application/msword, */*
: Referer: http://fastream.homeip.net/
: Accept-Language: tr,en-us;q=0.5
: Content-Type: multipart/form-data;
: boundary=---7d637af120086
: UA-CPU: x86
: Accept-Encoding: gzip, deflate
: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
: 1.1.4322)
: Host: fastream.homeip.net
: Connection: Keep-Alive
: Cache-Control: no-cache
: Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D
: Authorization: NTLM
TlRMTVNTUAABB4IIogAFASgKDw==
: Content-Length: 0
:
: â,¬E EÃL      Ã~Íâ?¢@ v֐à E ùÃ.6@ â,¬ÅqÃ?¨Ã?¨
Pâ?oh7õµqÃfDIPÿÿâ
: HTTP/1.1 401 Authorization Required
: WWW-Authenticate: NTLM
:
TlRMTVNTUAACDAAMADgFgoqioCqv9v7MM+EAAEQARABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAH==
: Content-Length: 629
: Content-Type: text/html
: Connection: close
: Server: Fastream IQ Reverse Proxy
:
: HTMLHEADTITLE401 Authorization Required/TITLE/HEADBODYFONT
: FACE=VerdanaH1Authorization Required/H1BRThis server could not
: verify that you are authorized to access the document requested. Either
you
: supplied the wrong credentials (e.g. bad password), or your browser
doesn't
: understand how to supply the credentials required. You may want to contact
: the server administrator here: A
:
HREF=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/A.PBRHRIBFastream
: IQ Reverse Proxy/BBRA
:
HREF=http://www.fastream.com/IQReverseProxy/;www.fastream.com/IQReverseProxy/A/IHR/FONT/BODY/HTMLâ,¬E
: EøM 6   6Ã~Íâ?¢@ v֐à E  (Ã.7@ â,¬ AÃ?¨Ã?¨ Pâ?oh7ùâ?
qÃfDIPÿÿ Ï  â,¬E EÅ N 
: v÷êà [EMAIL PROTECTED] E  (-â?~@ â,¬GèÃ?¨Ã?¨â?o
PqÃfDIh7ùâ?¡Pü. â,¬E E¸Q Ã
: à   v÷êà [EMAIL PROTECTED] E Ã?-â?T@ â,¬DIÃ?¨Ã?¨â?o
PqÃfDIh7ùâ?¡Pü.âr  POST / HTTP/1.1
: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
: application/x-shockwave-flash, application/vnd.ms-excel,
: application/vnd.ms-powerpoint, application/msword, */*
: Referer: http://fastream.homeip.net/
: Accept-Language: tr,en-us;q=0.5
: Content-Type: multipart/form-data;
: boundary=---7d637af120086
: UA-CPU: x86
: Accept-Encoding: gzip, deflate
: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
: 1.1.4322)
: Host: fastream.homeip.net
: Content-Length: 194
: Connection: Keep-Alive
: Cache-Control: no-cache
: Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D
: Authorization: NTLM
:
TlRMTVNTUAADGAAYAJoYABgAsgAAACYAJgBIGgAaAG4SABIAiADKBYKIogUBKAoPZgBhAHMAdAByAGUAYQBtAC4AaABvAG0AZQBpAHAALgBuAGUAdABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAEIATABBAEMASwBIAEEAVwBLAN96CsZ+Wo0dAMMFoduSgerudny+MJHuX4KJKkWtO+xVNg==
:
: â,¬E ER ø   øv÷êà [EMAIL PROTECTED] E  ê-â?o@ 
â,¬G$Ã?¨Ã?¨â?o
: qÃfGçh7ùâ?¡Pü.A  -7d637af120086
: Content-Disposition: form-data; name=upfile; filename=
: Content-Type: application/octet-stream
:
:
: -7d637af120086--
: â,¬E E7R 6   6Ã~Íâ?¢@ v֐à E  (Ã.8@ â,¬ @Ã?¨Ã?¨
Pâ?oh7ùâ?¡qÃfH©PûŸ Ï  â,¬E
: ESv÷êà [EMAIL PROTECTED] E  (-â?@ â,¬GÃ¥Ã?¨Ã?¨â?o
PqÃfH©h7ùâ?¡Pü. ?â,¬E
: E?S 6   6Ã~Íâ?¢@ v֐à E  (Ã.9@ â,¬ ?Ã?¨Ã?¨
Pâ?oh7ùâ?¡qÃfHªPûŸ Î  â,¬E EžT 
: v÷êà [EMAIL PROTECTED] E  0-â?¢@ â,¬GÃoÃ?¨Ã?¨â? PùøŸª
pÿÿ^?  ´â,¬E EÃ'T 
: Ã~Íâ?¢@ v֐à E  0Ã.:@ â,¬ 6Ã?¨Ã?¨
Pâ?Ã^¹¼EùøŸ«pÿÿÃT.  ´â,¬E EqU 
: v÷êà [EMAIL PROTECTED] E  (-â?@ â,¬GâÃ?Â

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Basicallly the ntlmmessage = NULL where it must not be--ethereal
 calls this 
 malformed header!!!

Please, please, please upload the Ethereal dump in as a *.pcap file
somewhere so we can open it with ethereal.

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Here it is: http://www.fastream.com/ics/ntlm.pcap

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:36 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Basicallly the ntlmmessage = NULL where it must not be--ethereal
:  calls this 
:  malformed header!!!
: 
: Please, please, please upload the Ethereal dump in as a *.pcap file
: somewhere so we can open it with ethereal.
: 
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
NTLM requires Keep-Alive, but the server sends Connection: close in 
the header of 401Answer.  
 
Fastream Technologies wrote:
 Here it is: http://www.fastream.com/ics/ntlm.pcap
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 3:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Basicallly the ntlmmessage = NULL where it must not be--ethereal
 calls this
 malformed header!!!
 
 Please, please, please upload the Ethereal dump in as a *.pcap file
 somewhere so we can open it with ethereal.
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? What 
should we do if the server admin specifies NTLM but the client does not 
support HTTP/1.1? Is this a rare situation?

Best Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 3:57 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 NTLM requires Keep-Alive, but the server sends Connection: close in
 the header of 401Answer.

 Fastream Technologies wrote:
 Here it is: http://www.fastream.com/ics/ntlm.pcap

 Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 3:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Basicallly the ntlmmessage = NULL where it must not be--ethereal
 calls this
 malformed header!!!

 Please, please, please upload the Ethereal dump in as a *.pcap file
 somewhere so we can open it with ethereal.

 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 -- 
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Fastream Technologies wrote:
 Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only?

No it is not. Same as with digest that also works in my demo with 1.0. 

 What should we do if the server admin specifies NTLM but the client
 does not support HTTP/1.1? Is this a rare situation?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 3:57 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 NTLM requires Keep-Alive, but the server sends Connection: close in
 the header of 401Answer.
 
 Fastream Technologies wrote:
 Here it is: http://www.fastream.com/ics/ntlm.pcap
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Thursday, September 14, 2006 3:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Basicallly the ntlmmessage = NULL where it must not be--ethereal
 calls this
 malformed header!!!
 
 Please, please, please upload the Ethereal dump in as a *.pcap file
 somewhere so we can open it with ethereal.
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Hello Arno,

Seems cool now! http://www.fastream.net/beta/IQReverseProxy.exe (1.2b1). I 
will need to complete the HTML authentication until next week now... Hmm. ;)

Best Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 4:05 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only?
:
: No it is not. Same as with digest that also works in my demo with 1.0.
:
:  What should we do if the server admin specifies NTLM but the client
:  does not support HTTP/1.1? Is this a rare situation?
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 3:57 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  NTLM requires Keep-Alive, but the server sends Connection: close in
:  the header of 401Answer.
: 
:  Fastream Technologies wrote:
:  Here it is: http://www.fastream.com/ics/ntlm.pcap
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Thursday, September 14, 2006 3:36 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  Basicallly the ntlmmessage = NULL where it must not be--ethereal
:  calls this
:  malformed header!!!
: 
:  Please, please, please upload the Ethereal dump in as a *.pcap file
:  somewhere so we can open it with ethereal.
: 
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
One last lesson: when NTLM POST is taking place, if you press too frequently 
on Mozilla, the progress meter stalls. When you click on another link it 
works fine then. This does not happen with IE. I think this is a FF bug in 
their state machine!

Best Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Thursday, September 14, 2006 4:33 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Hello Arno,
:
: Seems cool now! http://www.fastream.net/beta/IQReverseProxy.exe (1.2b1). I
: will need to complete the HTML authentication until next week now... Hmm. 
;)
:
: Best Regards,
:
: SZ
:
: - Original Message - 
: From: Arno Garrels [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Thursday, September 14, 2006 4:05 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Fastream Technologies wrote:
::  Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only?
::
:: No it is not. Same as with digest that also works in my demo with 1.0.
::
::  What should we do if the server admin specifies NTLM but the client
::  does not support HTTP/1.1? Is this a rare situation?
:: 
::  Best Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 3:57 PM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  NTLM requires Keep-Alive, but the server sends Connection: close in
::  the header of 401Answer.
:: 
::  Fastream Technologies wrote:
::  Here it is: http://www.fastream.com/ics/ntlm.pcap
:: 
::  Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Thursday, September 14, 2006 3:36 PM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Fastream Technologies wrote:
::  Basicallly the ntlmmessage = NULL where it must not be--ethereal
::  calls this
::  malformed header!!!
:: 
::  Please, please, please upload the Ethereal dump in as a *.pcap file
::  somewhere so we can open it with ethereal.
:: 
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
:: -- 
:: To unsubscribe or change your settings for TWSocket mailing list
:: please goto http://www.elists.org/mailman/listinfo/twsocket
:: Visit our website at http://www.overbyte.be
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Stadin, Benjamin
I don't think so. NTLM works fine for me in FF ever since. FF just fills
data into an NTLM context struct and if the message is complete it is used.
This has nothing to do with a state machine.

And btw, I've looked at the Pascal code of this pslib, I think it's more a
hack than a solution. Firefox doesn't use bloody hacks to access the
protected storage for Single-Sign-On. I've made a list with a short
description to function calls for the FF source code to show how it works
(propably ;-) ). FF has a function table for function calls to Windows' own
secure32.dll / security.dll to provide SSPI functionality (also a good
lesson in C programming, FF code is great but not easy to understand at
first).

Benjamin Stadin


Fastream Technologies schrieb:

 One last lesson: when NTLM POST is taking place, if you press too
frequently
 on Mozilla, the progress meter stalls. When you click on another link it
 works fine then. This does not happen with IE. I think this is a FF bug in
 their state machine!

 Best Regards,

 SZ
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Fastream Technologies
Hello,

Perhaps you can check out POSTing with IQRP 1.2b1 
(http://www.fastream.net/beta/IQReverseProxy.exe) and let us know? All you 
need to do is,

- define the web server IP/port in Servers
- Go to URL Rules and assign the web server to Default (catch-all) URL rule
- Enable NTLM authentication on the same tabsheet

I used our IQ Web server which works perfectly when on its own to test. You 
will need to press the POST button (for example file upload in IQWF) very 
frequently.

Regards,

SZ

- Original Message - 
From: Stadin, Benjamin [EMAIL PROTECTED]
To: twsocket@elists.org
Sent: Thursday, September 14, 2006 5:57 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


I don't think so. NTLM works fine for me in FF ever since. FF just fills
 data into an NTLM context struct and if the message is complete it is 
 used.
 This has nothing to do with a state machine.

 And btw, I've looked at the Pascal code of this pslib, I think it's more a
 hack than a solution. Firefox doesn't use bloody hacks to access the
 protected storage for Single-Sign-On. I've made a list with a short
 description to function calls for the FF source code to show how it works
 (propably ;-) ). FF has a function table for function calls to Windows' 
 own
 secure32.dll / security.dll to provide SSPI functionality (also a good
 lesson in C programming, FF code is great but not easy to understand at
 first).

 Benjamin Stadin


 Fastream Technologies schrieb:

 One last lesson: when NTLM POST is taking place, if you press too
 frequently
 on Mozilla, the progress meter stalls. When you click on another link it
 works fine then. This does not happen with IE. I think this is a FF bug 
 in
 their state machine!

 Best Regards,

 SZ
 -- 
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Stadin, Benjamin
I remember that there was the same problem in ICS-SSL with Firefox in the
beginning. I think the connection isn't closed when this happens. Check with
your network sniffer if that's the case and set a break point to check
whether the connection is closed in your code. I don't believe that this is
a Firefox problem.


Fastream Technologies schrieb:

 Hello,

 Perhaps you can check out POSTing with IQRP 1.2b1
 (http://www.fastream.net/beta/IQReverseProxy.exe) and let us know? All you
 need to do is,

 - define the web server IP/port in Servers
 - Go to URL Rules and assign the web server to Default (catch-all) URL
rule
 - Enable NTLM authentication on the same tabsheet

 I used our IQ Web server which works perfectly when on its own to test.
You
 will need to press the POST button (for example file upload in IQWF) very
 frequently.

 Regards,

 SZ

 - Original Message -
 From: Stadin, Benjamin [EMAIL PROTECTED]
 To: twsocket@elists.org
 Sent: Thursday, September 14, 2006 5:57 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)

 I don't think so. NTLM works fine for me in FF ever since. FF just fills
  data into an NTLM context struct and if the message is complete it is
  used.
  This has nothing to do with a state machine.
 
  And btw, I've looked at the Pascal code of this pslib, I think it's more
a
  hack than a solution. Firefox doesn't use bloody hacks to access the
  protected storage for Single-Sign-On. I've made a list with a short
  description to function calls for the FF source code to show how it
works
  (propably ;-) ). FF has a function table for function calls to Windows'
  own
  secure32.dll / security.dll to provide SSPI functionality (also a good
  lesson in C programming, FF code is great but not easy to understand at
  first).
 
  Benjamin Stadin
 
 
  Fastream Technologies schrieb:
 
  One last lesson: when NTLM POST is taking place, if you press too
  frequently
  on Mozilla, the progress meter stalls. When you click on another link
it
  works fine then. This does not happen with IE. I think this is a FF bug
  in
  their state machine!
 
  Best Regards,
 
  SZ
  --
  To unsubscribe or change your settings for TWSocket mailing list
  please goto http://www.elists.org/mailman/listinfo/twsocket
  Visit our website at http://www.overbyte.be

 -- 
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-14 Thread Arno Garrels
Stadin, Benjamin wrote:
 FF has a function table for
 function calls to Windows' own secure32.dll / security.dll to provide
 SSPI functionality (also a good lesson in C programming, 

OverbyteIcsSspi as well ;-) this how the API works!


---
Arno Garrels [TeamICS]
http://www.overbyte.be/eng/overbyte/teamics.html

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 It does not ask for domain then! 

BTW: Not all browsers provide a domain field in their 
auth-dialog!

There's a boolean var Allow, set it to FALSE in order to
reject the user. 

 I thought this would look like a NT-
 log on screen!! How does it understand which NTLM-domain to log in??

??
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:20 AM
 Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I have another problem: it never authenticates! Never lets in! I
 wrote, 
 
 localhost\User (a windows user)
 and my password but it does not work!
 
 Do not include host/domain in the username!
 
 ---
 Arno Garrels [TeamICS]
 http://www.overbyte.be/eng/overbyte/teamics.html
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 11:29 AM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  It does not ask for domain then!
:
: BTW: Not all browsers provide a domain field in their
: auth-dialog!

I tried with both Firefox and IE6XP.

:
: There's a boolean var Allow, set it to FALSE in order to
: reject the user.

The domain property was null when I did not enter the domain name as I said.

:
:  I thought this would look like a NT-
:  log on screen!! How does it understand which NTLM-domain to log in??
:
: ??

When there is NO domain edit box, and when the user name does NOT include a 
domain name, how does it understand the domain name

:
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:20 AM
:  Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  I have another problem: it never authenticates! Never lets in! I
:  wrote,
: 
:  localhost\User (a windows user)
:  and my password but it does not work!
: 
:  Do not include host/domain in the username!
: 
:  ---
:  Arno Garrels [TeamICS]
:  http://www.overbyte.be/eng/overbyte/teamics.html
: 
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:29 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 It does not ask for domain then!
 
 BTW: Not all browsers provide a domain field in their
 auth-dialog!
 
 I tried with both Firefox and IE6XP.

Try the demo, it works! 

 I thought this would look like a NT-
 log on screen!! How does it understand which NTLM-domain to log in??
 
 ??
 
 When there is NO domain edit box, and when the user name does NOT
 include a domain name, how does it understand the domain name

If the browser does not send a domain SSPI uses the default logon
authority, this may be either the local computer or the domain where
the computer is a member. How it works exactely under the hood, is
unknown to me. 


 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:20 AM
 Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I have another problem: it never authenticates! Never lets in! I
 wrote,
 
 localhost\User (a windows user)
 and my password but it does not work!
 
 Do not include host/domain in the username!
 
 ---
 Arno Garrels [TeamICS]
 http://www.overbyte.be/eng/overbyte/teamics.html
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Please reply my private messages as well.

Thanks,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 12:01 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:29 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:  
:  
:  Fastream Technologies wrote:
:  It does not ask for domain then!
:  
:  BTW: Not all browsers provide a domain field in their
:  auth-dialog!
:  
:  I tried with both Firefox and IE6XP.
: 
: Try the demo, it works! 
: 
:  I thought this would look like a NT-
:  log on screen!! How does it understand which NTLM-domain to log in??
:  
:  ??
:  
:  When there is NO domain edit box, and when the user name does NOT
:  include a domain name, how does it understand the domain name
: 
: If the browser does not send a domain SSPI uses the default logon
: authority, this may be either the local computer or the domain where
: the computer is a member. How it works exactely under the hood, is
: unknown to me. 
: 
: 
:  
:  
:  Regards,
:  
:  SZ
:  
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:20 AM
:  Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
:  
:  
:  Fastream Technologies wrote:
:  I have another problem: it never authenticates! Never lets in! I
:  wrote,
:  
:  localhost\User (a windows user)
:  and my password but it does not work!
:  
:  Do not include host/domain in the username!
:  
:  ---
:  Arno Garrels [TeamICS]
:  http://www.overbyte.be/eng/overbyte/teamics.html
:  
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Please reply my private messages as well.

This is plenty of C code, and I have to do my work as well!
I'll take a look at it later.

 
 Thanks,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 12:01 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:29 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 It does not ask for domain then!
 
 BTW: Not all browsers provide a domain field in their
 auth-dialog!
 
 I tried with both Firefox and IE6XP.
 
 Try the demo, it works!
 
 I thought this would look like a NT-
 log on screen!! How does it understand which NTLM-domain to log
 in?? 
 
 ??
 
 When there is NO domain edit box, and when the user name does NOT
 include a domain name, how does it understand the domain name
 
 If the browser does not send a domain SSPI uses the default logon
 authority, this may be either the local computer or the domain where
 the computer is a member. How it works exactely under the hood, is
 unknown to me.
 
 
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:20 AM
 Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I have another problem: it never authenticates! Never lets in! I
 wrote,
 
 localhost\User (a windows user)
 and my password but it does not work!
 
 Do not include host/domain in the username!
 
 ---
 Arno Garrels [TeamICS]
 http://www.overbyte.be/eng/overbyte/teamics.html
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
C and Pascal are close relatives and the code is not complex since you know 
the Pascal-correspondent. I know you are a busy coder but please give high 
priority for this. I really do not see where the C++ conversion mistake is. 
It simply does not ask for NTLM-domain information!!

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 12:09 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Please reply my private messages as well.
:
: This is plenty of C code, and I have to do my work as well!
: I'll take a look at it later.
:
: 
:  Thanks,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 12:01 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:29 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  It does not ask for domain then!
: 
:  BTW: Not all browsers provide a domain field in their
:  auth-dialog!
: 
:  I tried with both Firefox and IE6XP.
: 
:  Try the demo, it works!
: 
:  I thought this would look like a NT-
:  log on screen!! How does it understand which NTLM-domain to log
:  in??
: 
:  ??
: 
:  When there is NO domain edit box, and when the user name does NOT
:  include a domain name, how does it understand the domain name
: 
:  If the browser does not send a domain SSPI uses the default logon
:  authority, this may be either the local computer or the domain where
:  the computer is a member. How it works exactely under the hood, is
:  unknown to me.
: 
: 
: 
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:20 AM
:  Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  I have another problem: it never authenticates! Never lets in! I
:  wrote,
: 
:  localhost\User (a windows user)
:  and my password but it does not work!
: 
:  Do not include host/domain in the username!
: 
:  ---
:  Arno Garrels [TeamICS]
:  http://www.overbyte.be/eng/overbyte/teamics.html
: 
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Arno,

I just tried with your demo.html and it gives the same problem! Please 
refine your code under BCB personality (perhaps that's related?). It gives 
no compile time error--just does not let it authenticate!

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 12:09 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Please reply my private messages as well.
:
: This is plenty of C code, and I have to do my work as well!
: I'll take a look at it later.
:
: 
:  Thanks,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 12:01 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:29 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  It does not ask for domain then!
: 
:  BTW: Not all browsers provide a domain field in their
:  auth-dialog!
: 
:  I tried with both Firefox and IE6XP.
: 
:  Try the demo, it works!
: 
:  I thought this would look like a NT-
:  log on screen!! How does it understand which NTLM-domain to log
:  in??
: 
:  ??
: 
:  When there is NO domain edit box, and when the user name does NOT
:  include a domain name, how does it understand the domain name
: 
:  If the browser does not send a domain SSPI uses the default logon
:  authority, this may be either the local computer or the domain where
:  the computer is a member. How it works exactely under the hood, is
:  unknown to me.
: 
: 
: 
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:20 AM
:  Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  I have another problem: it never authenticates! Never lets in! I
:  wrote,
: 
:  localhost\User (a windows user)
:  and my password but it does not work!
: 
:  Do not include host/domain in the username!
: 
:  ---
:  Arno Garrels [TeamICS]
:  http://www.overbyte.be/eng/overbyte/teamics.html
: 
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Ok. Your demo worked fine with the SECURITY_WIN32 trick YET it still does 
not work under Firefox. Please test it under Firefox as well!

Best Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 1:22 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Arno,
:
: I just tried with your demo.html and it gives the same problem! Please
: refine your code under BCB personality (perhaps that's related?). It gives
: no compile time error--just does not let it authenticate!
:
: Regards,
:
: SZ
:
: - Original Message - 
: From: Arno Garrels [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Wednesday, September 13, 2006 12:09 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Fastream Technologies wrote:
::  Please reply my private messages as well.
::
:: This is plenty of C code, and I have to do my work as well!
:: I'll take a look at it later.
::
:: 
::  Thanks,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Wednesday, September 13, 2006 12:01 PM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Fastream Technologies wrote:
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Wednesday, September 13, 2006 11:29 AM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Fastream Technologies wrote:
::  It does not ask for domain then!
:: 
::  BTW: Not all browsers provide a domain field in their
::  auth-dialog!
:: 
::  I tried with both Firefox and IE6XP.
:: 
::  Try the demo, it works!
:: 
::  I thought this would look like a NT-
::  log on screen!! How does it understand which NTLM-domain to log
::  in??
:: 
::  ??
:: 
::  When there is NO domain edit box, and when the user name does NOT
::  include a domain name, how does it understand the domain name
:: 
::  If the browser does not send a domain SSPI uses the default logon
::  authority, this may be either the local computer or the domain where
::  the computer is a member. How it works exactely under the hood, is
::  unknown to me.
:: 
:: 
:: 
:: 
::  Regards,
:: 
::  SZ
:: 
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Wednesday, September 13, 2006 11:20 AM
::  Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
:: 
:: 
::  Fastream Technologies wrote:
::  I have another problem: it never authenticates! Never lets in! I
::  wrote,
:: 
::  localhost\User (a windows user)
::  and my password but it does not work!
:: 
::  Do not include host/domain in the username!
:: 
::  ---
::  Arno Garrels [TeamICS]
::  http://www.overbyte.be/eng/overbyte/teamics.html
:: 
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
:: -- 
:: To unsubscribe or change your settings for TWSocket mailing list
:: please goto http://www.elists.org/mailman/listinfo/twsocket
:: Visit our website at http://www.overbyte.be
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 C and Pascal are close relatives and the code is not complex since
 you know the Pascal-correspondent. I know you are a busy coder but
 please give high priority for this. I really do not see where the C++
 conversion mistake is. It simply does not ask for NTLM-domain
 information!! 

I looked at your source (which is hard to read since there are no
indentations), but cannot find the error.
Obviously you override the two most important routines,
THttpConnection.AuthCheckAuthenticated as well as 
THttpConnection.Answer401 and also use a slightly different
logic.

Debug by setting the apropriate break points and single step
thru the code.
The difference of NTLM compared to the other auth-methods
is that it needs one more step in the sequence, means the
server must always send a 401 response containing the
NTLM message 2.
Also helpfull is logging the traffic with ethereal.  

 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 12:09 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Please reply my private messages as well.
 
 This is plenty of C code, and I have to do my work as well!
 I'll take a look at it later.
 
 
 Thanks,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 12:01 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:29 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 It does not ask for domain then!
 
 BTW: Not all browsers provide a domain field in their
 auth-dialog!
 
 I tried with both Firefox and IE6XP.
 
 Try the demo, it works!
 
 I thought this would look like a NT-
 log on screen!! How does it understand which NTLM-domain to log
 in??
 
 ??
 
 When there is NO domain edit box, and when the user name does NOT
 include a domain name, how does it understand the domain name
 
 If the browser does not send a domain SSPI uses the default logon
 authority, this may be either the local computer or the domain
 where the computer is a member. How it works exactely under the
 hood, is unknown to me.
 
 
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:20 AM
 Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I have another problem: it never authenticates! Never lets
 in! I wrote,
 
 localhost\User (a windows user)
 and my password but it does not work!
 
 Do not include host/domain in the username!
 
 ---
 Arno Garrels [TeamICS]
 http://www.overbyte.be/eng/overbyte/teamics.html
 
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Ok. Your demo worked fine with the SECURITY_WIN32 trick YET it still
 does not work under Firefox. Please test it under Firefox as well!

Works fine with Gecko/20060728 Firefox/1.5.0.6.
However their are plenty of different versions available, probably some
of them are buggy. Check with ethereal! 

 Best Regards,
 
 SZ
 
 - Original Message -
 From: Fastream Technologies [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 1:22 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Arno,
 
 I just tried with your demo.html and it gives the same problem!
 Please refine your code under BCB personality (perhaps that's
 related?). It gives no compile time error--just does not let it
 authenticate! 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 12:09 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Please reply my private messages as well.
 
 This is plenty of C code, and I have to do my work as well!
 I'll take a look at it later.
 
 
 Thanks,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 12:01 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:29 AM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 It does not ask for domain then!
 
 BTW: Not all browsers provide a domain field in their
 auth-dialog!
 
 I tried with both Firefox and IE6XP.
 
 Try the demo, it works!
 
 I thought this would look like a NT-
 log on screen!! How does it understand which NTLM-domain to log
 in??
 
 ??
 
 When there is NO domain edit box, and when the user name does NOT
 include a domain name, how does it understand the domain name
 
 If the browser does not send a domain SSPI uses the default logon
 authority, this may be either the local computer or the domain
 where the computer is a member. How it works exactely under the
 hood, is unknown to me.
 
 
 
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 11:20 AM
 Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I have another problem: it never authenticates! Never lets
 in! I wrote,
 
 localhost\User (a windows user)
 and my password but it does not work!
 
 Do not include host/domain in the username!
 
 ---
 Arno Garrels [TeamICS]
 http://www.overbyte.be/eng/overbyte/teamics.html
 
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Also, in IE, as Francois said, it auto logs in to a domain. Where is the 
selection?

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 1:50 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Ok. Your demo worked fine with the SECURITY_WIN32 trick YET it still
:  does not work under Firefox. Please test it under Firefox as well!
:
: Works fine with Gecko/20060728 Firefox/1.5.0.6.
: However their are plenty of different versions available, probably some
: of them are buggy. Check with ethereal!
:
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Fastream Technologies [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 1:22 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Arno,
: 
:  I just tried with your demo.html and it gives the same problem!
:  Please refine your code under BCB personality (perhaps that's
:  related?). It gives no compile time error--just does not let it
:  authenticate!
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 12:09 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  Please reply my private messages as well.
: 
:  This is plenty of C code, and I have to do my work as well!
:  I'll take a look at it later.
: 
: 
:  Thanks,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 12:01 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:29 AM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  It does not ask for domain then!
: 
:  BTW: Not all browsers provide a domain field in their
:  auth-dialog!
: 
:  I tried with both Firefox and IE6XP.
: 
:  Try the demo, it works!
: 
:  I thought this would look like a NT-
:  log on screen!! How does it understand which NTLM-domain to log
:  in??
: 
:  ??
: 
:  When there is NO domain edit box, and when the user name does NOT
:  include a domain name, how does it understand the domain name
: 
:  If the browser does not send a domain SSPI uses the default logon
:  authority, this may be either the local computer or the domain
:  where the computer is a member. How it works exactely under the
:  hood, is unknown to me.
: 
: 
: 
: 
:  Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 11:20 AM
:  Subject: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  I have another problem: it never authenticates! Never lets
:  in! I wrote,
: 
:  localhost\User (a windows user)
:  and my password but it does not work!
: 
:  Do not include host/domain in the username!
: 
:  ---
:  Arno Garrels [TeamICS]
:  http://www.overbyte.be/eng/overbyte/teamics.html
: 
:  --
:  To unsubscribe or change your settings for TWSocket mailing
:  list please goto
:  http://www.elists.org/mailman/listinfo/twsocket Visit our
:  website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: 
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 
Please check my private message.

Your EXE works fine using Firefox/1.5.0.6!

 
 Rgrds,
 
 SZ
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
I also tested with FF/1.5.0.6! Something's wrong somewhere!

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 2:15 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  
: Please check my private message.
: 
: Your EXE works fine using Firefox/1.5.0.6!
: 
:  
:  Rgrds,
:  
:  SZ
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!

BTW: In FF you may enter a user name like Host\User, though this
is most likely not the problem here.

 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Hello Arno and Everybody,

Could you look at this screenshot carefully: 
http://www.fastream.com/ics/arnoscreenshot.png.

This is Arno's demo compiled with BCB2k6 and running on a Windows XP Pro 
with no domain controller and just a work group. It does not let me 
authenticate and there is no domain information--both not stated () and 
asked for!

Best Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 2:31 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  I also tested with FF/1.5.0.6! Something's wrong somewhere!
:
: BTW: In FF you may enter a user name like Host\User, though this
: is most likely not the problem here.
:
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 2:15 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
: 
:  Please check my private message.
: 
:  Your EXE works fine using Firefox/1.5.0.6!
: 
: 
:  Rgrds,
: 
:  SZ
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a Windows XP
 Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not stated
 () and asked for!

I tried the same config, both your bin and FF locally on XP Pro
successfully. Sure the account must be on the same box.
The NTLM 401 doesn't send a domain header, so you see () in FF.  


 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Did you try a non-80 port? Maybe that requires a domain in the header?

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 4:36 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Hello Arno and Everybody,
:  
:  Could you look at this screenshot carefully:
:  http://www.fastream.com/ics/arnoscreenshot.png.
:  
:  This is Arno's demo compiled with BCB2k6 and running on a Windows XP
:  Pro with no domain controller and just a work group.
:  It does not let
:  me authenticate and there is no domain information--both not stated
:  () and asked for!
: 
: I tried the same config, both your bin and FF locally on XP Pro
: successfully. Sure the account must be on the same box.
: The NTLM 401 doesn't send a domain header, so you see () in FF.  
: 
: 
:  
:  Best Regards,
:  
:  SZ
:  
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 2:31 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:  
:  
:  Fastream Technologies wrote:
:  I also tested with FF/1.5.0.6! Something's wrong somewhere!
:  
:  BTW: In FF you may enter a user name like Host\User, though this
:  is most likely not the problem here.
:  
:  
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 2:15 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:  
:  
:  Fastream Technologies wrote:
:  
:  Please check my private message.
:  
:  Your EXE works fine using Firefox/1.5.0.6!
:  
:  
:  Rgrds,
:  
:  SZ
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Here is what we are talking about with Arno for others:

http://www.fastream.com/ics/OverbyteIcsWebServBCB.zip (includes exe, 412KB)

Use the URL: http://localhost/demo.html

Best Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 4:38 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Did you try a non-80 port? Maybe that requires a domain in the header?
: 
: - Original Message - 
: From: Arno Garrels [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Wednesday, September 13, 2006 4:36 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:: Fastream Technologies wrote:
::  Hello Arno and Everybody,
::  
::  Could you look at this screenshot carefully:
::  http://www.fastream.com/ics/arnoscreenshot.png.
::  
::  This is Arno's demo compiled with BCB2k6 and running on a Windows XP
::  Pro with no domain controller and just a work group.
::  It does not let
::  me authenticate and there is no domain information--both not stated
::  () and asked for!
:: 
:: I tried the same config, both your bin and FF locally on XP Pro
:: successfully. Sure the account must be on the same box.
:: The NTLM 401 doesn't send a domain header, so you see () in FF.  
:: 
:: 
::  
::  Best Regards,
::  
::  SZ
::  
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Wednesday, September 13, 2006 2:31 PM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::  
::  
::  Fastream Technologies wrote:
::  I also tested with FF/1.5.0.6! Something's wrong somewhere!
::  
::  BTW: In FF you may enter a user name like Host\User, though this
::  is most likely not the problem here.
::  
::  
::  - Original Message -
::  From: Arno Garrels [EMAIL PROTECTED]
::  To: ICS support mailing twsocket@elists.org
::  Sent: Wednesday, September 13, 2006 2:15 PM
::  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::  
::  
::  Fastream Technologies wrote:
::  
::  Please check my private message.
::  
::  Your EXE works fine using Firefox/1.5.0.6!
::  
::  
::  Rgrds,
::  
::  SZ
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
::  --
::  To unsubscribe or change your settings for TWSocket mailing list
::  please goto http://www.elists.org/mailman/listinfo/twsocket
::  Visit our website at http://www.overbyte.be
:: -- 
:: To unsubscribe or change your settings for TWSocket mailing list
:: please goto http://www.elists.org/mailman/listinfo/twsocket
:: Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Did you try a non-80 port? 

No I haven't, have you tried the standard port?

 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a Windows XP
 Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not stated
 () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Ok. It is not related with port. One idea: my Windows username includes a 
space. Could this matter? Should there be made any encoding/decoding?

Best Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 4:53 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Did you try a non-80 port?
:
: No I haven't, have you tried the standard port?
:
:  Maybe that requires a domain in the header?
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 4:36 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  Hello Arno and Everybody,
: 
:  Could you look at this screenshot carefully:
:  http://www.fastream.com/ics/arnoscreenshot.png.
: 
:  This is Arno's demo compiled with BCB2k6 and running on a Windows XP
:  Pro with no domain controller and just a work group.
:  It does not let
:  me authenticate and there is no domain information--both not stated
:  () and asked for!
: 
:  I tried the same config, both your bin and FF locally on XP Pro
:  successfully. Sure the account must be on the same box.
:  The NTLM 401 doesn't send a domain header, so you see () in FF.
: 
: 
: 
:  Best Regards,
: 
:  SZ
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 2:31 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
:  I also tested with FF/1.5.0.6! Something's wrong somewhere!
: 
:  BTW: In FF you may enter a user name like Host\User, though this
:  is most likely not the problem here.
: 
: 
:  - Original Message -
:  From: Arno Garrels [EMAIL PROTECTED]
:  To: ICS support mailing twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 2:15 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: 
: 
:  Fastream Technologies wrote:
: 
:  Please check my private message.
: 
:  Your EXE works fine using Firefox/1.5.0.6!
: 
: 
:  Rgrds,
: 
:  SZ
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter? 

Why don't you create a new account w/o a space and try that out by
yourself?
I created one including a space as well as including German spezific
characters above 128 such as so called Umlauts like Ü,ü, and ß which
is another form of ss. 


 Should there be made any
 encoding/decoding? 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a Windows
 XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
I created an admin user with the name a and no password still no luck! :(

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 5:10 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?

Why don't you create a new account w/o a space and try that out by
yourself?
I created one including a space as well as including German spezific
characters above 128 such as so called Umlauts like Ü,ü, and ß which
is another form of ss.


 Should there be made any
 encoding/decoding?

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Did you try a non-80 port?

 No I haven't, have you tried the standard port?

 Maybe that requires a domain in the header?

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Everybody,

 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.

 This is Arno's demo compiled with BCB2k6 and running on a Windows
 XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!

 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.



 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!

 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.


 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:

 Please check my private message.

 Your EXE works fine using Firefox/1.5.0.6!


 Rgrds,

 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 I created an admin user with the name a and no password still no
 luck! :( 

My test user has just limited privileges (User), it also works fine when 
I run the server just as User with limited privileges.

 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?
 
 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.
 
 
 Should there be made any
 encoding/decoding?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a Windows
 XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Hello Arno and Francois,
 
 I cannot debug Arno's demo: It stops at breakpoints but does not let
 me 
 inspect:

AFAIK it's not possible to do that, and BTW I don't believe your problem
has to do with the ICS server. IE works for you, right? You may try Netscape
as well. 


 
 http://www.fastream.com/ics/arnoscreenshot2.png
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?
 
 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.
 
 
 Should there be made any
 encoding/decoding?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a Windows
 XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Hello,

In this site: http://www.innovation.ch/personal/ronald/ntlm.html the domain 
names (both the HTTP and NTLM domains) are said to be transmitted in the 
base64 encoding msgs. Could you check this out? I do not believe the empty 
domain implementation is correct!!

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 5:59 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


Fastream Technologies wrote:
 Hello Arno and Francois,

 I cannot debug Arno's demo: It stops at breakpoints but does not let
 me
 inspect:

AFAIK it's not possible to do that, and BTW I don't believe your problem
has to do with the ICS server. IE works for you, right? You may try Netscape
as well.



 http://www.fastream.com/ics/arnoscreenshot2.png

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?

 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.


 Should there be made any
 encoding/decoding?

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Did you try a non-80 port?

 No I haven't, have you tried the standard port?

 Maybe that requires a domain in the header?

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Everybody,

 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.

 This is Arno's demo compiled with BCB2k6 and running on a Windows
 XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!

 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.



 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!

 BTW: In FF you may enter a user name like Host\User, though this
 is most likely not the problem here.


 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:

 Please check my private message.

 Your EXE works fine using Firefox/1.5.0.6!


 Rgrds,

 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 I do not believe the empty domain implementation is correct!!

What do you mean by that? A missing Domain HTTP header field?
At least in my environment both IE as IIS do not sent any HTTP Domain
header. AND M$ invented NTLM, it is undocumented.  
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Francois,
 
 I cannot debug Arno's demo: It stops at breakpoints but does not let
 me
 inspect:
 
 AFAIK it's not possible to do that, and BTW I don't believe your
 problem 
 has to do with the ICS server. IE works for you, right? You may try
 Netscape 
 as well.
 
 
 
 http://www.fastream.com/ics/arnoscreenshot2.png
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?
 
 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.
 
 
 Should there be made any
 encoding/decoding?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a
 Windows XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though
 this is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 as  (null). That needs to be fixed. At least localhost or
 127.0.0.1 
 should be displayed there.

Ask the FireFox developer to fix it.


 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:27 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello,
 
 In this site: http://www.innovation.ch/personal/ronald/ntlm.html the
 domain
 names (both the HTTP and NTLM domains) are said to be transmitted in
 the
 base64 encoding msgs.
 
 Where have you read that? Give us a search string, not everybody is
 willing 
 to study the this page from the beginning.
 
 Domain fields exists in the NTLM messages, not in any other HTTP
 header. 
 AND I've never seen a client/browser that fills the Domain field in
 NTLM 
 message 1.
 
 
 Could you check this out? I do not believe the
 empty
 domain implementation is correct!!
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Francois,
 
 I cannot debug Arno's demo: It stops at breakpoints but does not let
 me
 inspect:
 
 AFAIK it's not possible to do that, and BTW I don't believe your
 problem
 has to do with the ICS server. IE works for you, right? You may try
 Netscape
 as well.
 
 
 
 http://www.fastream.com/ics/arnoscreenshot2.png
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?
 
 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.
 
 
 Should there be made any
 encoding/decoding?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a
 Windows XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in
 FF. 
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though
 this is most likely not the problem here.
 
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)
 
 
 Fastream Technologies wrote:
 
 Please check my private message.
 
 Your EXE works fine using Firefox/1.5.0.6!
 
 
 Rgrds,
 
 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
I mean the base64 message not the HTTP header.


Again,

I think there is a misunderstanding. Yes that's what the page says and I
mean: the msg contains the domain BUT in your code, the FF displays domain
as  (null). That needs to be fixed. At least localhost or 127.0.0.1
should be displayed there.

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 6:36 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


Fastream Technologies wrote:
 I do not believe the empty domain implementation is correct!!

What do you mean by that? A missing Domain HTTP header field?
At least in my environment both IE as IIS do not sent any HTTP Domain
header. AND M$ invented NTLM, it is undocumented.

 Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Francois,

 I cannot debug Arno's demo: It stops at breakpoints but does not let
 me
 inspect:

 AFAIK it's not possible to do that, and BTW I don't believe your
 problem
 has to do with the ICS server. IE works for you, right? You may try
 Netscape
 as well.



 http://www.fastream.com/ics/arnoscreenshot2.png

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?

 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.


 Should there be made any
 encoding/decoding?

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Did you try a non-80 port?

 No I haven't, have you tried the standard port?

 Maybe that requires a domain in the header?

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Everybody,

 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.

 This is Arno's demo compiled with BCB2k6 and running on a
 Windows XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!

 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in FF.



 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!

 BTW: In FF you may enter a user name like Host\User, though
 this is most likely not the problem here.


 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:

 Please check my private message.

 Your EXE works fine using Firefox/1.5.0.6!


 Rgrds,

 SZ
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing
 list please goto
 http://www.elists.org/mailman/listinfo/twsocket Visit our
 website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
 --
 To unsubscribe or change your

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Ok, thank you for tolerating my insistence. I am trying to understand.

There is just one issue left: under IE6XP, when I log in, I am not asked of 
any NTLM-domain name! And assuming that it is like IE-FTP client, I cannot 
find the log in change option in any menu! Does anybody know the logic 
behind this? I have seen the words of Francois but I am opting for just the 
opposite--instead of auto logging in, I want the _option_ to be able to 
select the NTLM-domain.

Best Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 6:48 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


Fastream Technologies wrote:
 I mean the base64 message not the HTTP header.

I'll give it up soon...
THIS IS A CLIENT ISSUE!!
The same happens when you try to access a protected page on
IIS.



 Again,

 I think there is a misunderstanding. Yes that's what the page says
 and I
 mean: the msg contains the domain BUT in your code, the FF displays
 domain
 as  (null). That needs to be fixed. At least localhost or
 127.0.0.1
 should be displayed there.

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 I do not believe the empty domain implementation is correct!!

 What do you mean by that? A missing Domain HTTP header field?
 At least in my environment both IE as IIS do not sent any HTTP Domain
 header. AND M$ invented NTLM, it is undocumented.

 Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Francois,

 I cannot debug Arno's demo: It stops at breakpoints but does not let
 me
 inspect:

 AFAIK it's not possible to do that, and BTW I don't believe your
 problem
 has to do with the ICS server. IE works for you, right? You may try
 Netscape
 as well.



 http://www.fastream.com/ics/arnoscreenshot2.png

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?

 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German spezific
 characters above 128 such as so called Umlauts like Ü,ü, and ß which
 is another form of ss.


 Should there be made any
 encoding/decoding?

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Did you try a non-80 port?

 No I haven't, have you tried the standard port?

 Maybe that requires a domain in the header?

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Everybody,

 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.

 This is Arno's demo compiled with BCB2k6 and running on a
 Windows XP Pro with no domain controller and just a work group.
 It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!

 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in
 FF.



 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!

 BTW: In FF you may enter a user name like Host\User, though
 this is most likely not the problem here.


 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:15 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:

 Please check my private message.

 Your EXE works fine using Firefox/1.5.0.6!


 Rgrds,

 SZ
 --
 To unsubscribe or change your

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Ok, thank you for tolerating my insistence. I am trying to understand.
 
 There is just one issue left: under IE6XP, when I log in, I am not
 asked of 
 any NTLM-domain name! 

Because there's no Domain information anywhere, The server just sends
HTTP header WWW-Athenticate: NTLM. The client the initiates 
NTLM authentication by sending the NTLM message 1 (which has a domain
field, but that's mostly not filled)


 And assuming that it is like IE-FTP client, I
 cannot 
 find the log in change option in any menu! Does anybody know the logic
 behind this? I have seen the words of Francois but I am opting for
 just the 
 opposite--instead of auto logging in, I want the _option_ to be able
 to 
 select the NTLM-domain.
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:48 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I mean the base64 message not the HTTP header.
 
 I'll give it up soon...
 THIS IS A CLIENT ISSUE!!
 The same happens when you try to access a protected page on
 IIS.
 
 
 
 Again,
 
 I think there is a misunderstanding. Yes that's what the page says
 and I
 mean: the msg contains the domain BUT in your code, the FF displays
 domain
 as  (null). That needs to be fixed. At least localhost or
 127.0.0.1
 should be displayed there.
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I do not believe the empty domain implementation is correct!!
 
 What do you mean by that? A missing Domain HTTP header field?
 At least in my environment both IE as IIS do not sent any HTTP Domain
 header. AND M$ invented NTLM, it is undocumented.
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Francois,
 
 I cannot debug Arno's demo: It stops at breakpoints but does not
 let me
 inspect:
 
 AFAIK it's not possible to do that, and BTW I don't believe your
 problem
 has to do with the ICS server. IE works for you, right? You may try
 Netscape
 as well.
 
 
 
 http://www.fastream.com/ics/arnoscreenshot2.png
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?
 
 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German
 spezific characters above 128 such as so called Umlauts like Ü,ü,
 and ß which is another form of ss.
 
 
 Should there be made any
 encoding/decoding?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question) 
 
 
 Fastream Technologies wrote:
 Hello Arno and Everybody,
 
 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.
 
 This is Arno's demo compiled with BCB2k6 and running on a
 Windows XP Pro with no domain controller and just a work
 group. It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!
 
 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in
 FF.
 
 
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 2:31 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)
 
 
 Fastream Technologies wrote:
 I also tested with FF/1.5.0.6! Something's wrong somewhere!
 
 BTW: In FF you may enter a user name like Host\User, though
 this is most likely not the problem here.
 
 
 - Original Message -
 From: Arno

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Ok but let's say the server is running on multiple domains using a domain 
controller. At simplest, a normal domain and the local domain. How does the 
client decides which one of them to log on to? And why don't you fill in the 
domain field in the NTLM msg 1?

Regards,

SZ

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 7:25 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


Fastream Technologies wrote:
 Ok, thank you for tolerating my insistence. I am trying to understand.

 There is just one issue left: under IE6XP, when I log in, I am not
 asked of
 any NTLM-domain name!

Because there's no Domain information anywhere, The server just sends
HTTP header WWW-Athenticate: NTLM. The client the initiates
NTLM authentication by sending the NTLM message 1 (which has a domain
field, but that's mostly not filled)


 And assuming that it is like IE-FTP client, I
 cannot
 find the log in change option in any menu! Does anybody know the logic
 behind this? I have seen the words of Francois but I am opting for
 just the
 opposite--instead of auto logging in, I want the _option_ to be able
 to
 select the NTLM-domain.

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:48 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 I mean the base64 message not the HTTP header.

 I'll give it up soon...
 THIS IS A CLIENT ISSUE!!
 The same happens when you try to access a protected page on
 IIS.



 Again,

 I think there is a misunderstanding. Yes that's what the page says
 and I
 mean: the msg contains the domain BUT in your code, the FF displays
 domain
 as  (null). That needs to be fixed. At least localhost or
 127.0.0.1
 should be displayed there.

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 I do not believe the empty domain implementation is correct!!

 What do you mean by that? A missing Domain HTTP header field?
 At least in my environment both IE as IIS do not sent any HTTP Domain
 header. AND M$ invented NTLM, it is undocumented.

 Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Hello Arno and Francois,

 I cannot debug Arno's demo: It stops at breakpoints but does not
 let me
 inspect:

 AFAIK it's not possible to do that, and BTW I don't believe your
 problem
 has to do with the ICS server. IE works for you, right? You may try
 Netscape
 as well.



 http://www.fastream.com/ics/arnoscreenshot2.png

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?

 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German
 spezific characters above 128 such as so called Umlauts like Ü,ü,
 and ß which is another form of ss.


 Should there be made any
 encoding/decoding?

 Best Regards,

 SZ

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


 Fastream Technologies wrote:
 Did you try a non-80 port?

 No I haven't, have you tried the standard port?

 Maybe that requires a domain in the header?

 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM
 question)


 Fastream Technologies wrote:
 Hello Arno and Everybody,

 Could you look at this screenshot carefully:
 http://www.fastream.com/ics/arnoscreenshot.png.

 This is Arno's demo compiled with BCB2k6 and running on a
 Windows XP Pro with no domain controller and just a work
 group. It does not let
 me authenticate and there is no domain information--both not
 stated () and asked for!

 I tried the same config, both your bin and FF locally on XP Pro
 successfully. Sure the account must be on the same box.
 The NTLM 401 doesn't send a domain header, so you see () in
 FF.



 Best Regards,

 SZ

 - Original Message

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Stadin, Benjamin
Normally you won't have a reason to use another domain, the server
appplication uses the domain of the user account it is running with.
Make sure your application is running with the domain account you want to
use AND sufficent privileges (needed to query the user database).

You have to give a domain user using domain\user - if, an only if, the
server
you're sending this information to is in *another* domain (with domain
trustship) than the server application is working with.

So that's necessary when domains are set up to trust each other. The Outlook
web access I'm writing this email from prompts only for user name and
password. I use this webmailer for years and it has always be the same, it
looks the same with every browser that supports NTLM auth (IE, Firefox,
konqueror, countless others on Unix and Solaris).

I give you an example:
My user account is in the default domain g where the server is in, but
other users from a domain (ie d) that is trusted by domain g have to
write d\myusername. The difference is that Windows will query the trusted
domain instead to look in it's own user database. Only in this special case
you need to specify another domain.

- You will need hm... I don't remember ...years ago.. (not admin rights but
at least helper privileges) to be able to query for other domain users
than yourself. It's the credentials from the logged in (server) application
user, if you are running with a local account you won't be able to query the
domain controller.
- You can *not* just give specify another domain in the user field if the
serevrs are not set up to trust each other
- You can also *not* authenticate users of another trusted domain, if you
use trusted domains, without your application user having privileges in
every of the trusted domains

Benjamin Stadin



Fastream Technologies schrieb:

 Ok, thank you for tolerating my insistence. I am trying to understand.

 There is just one issue left: under IE6XP, when I log in, I am not asked
of
 any NTLM-domain name! And assuming that it is like IE-FTP client, I cannot
 find the log in change option in any menu! Does anybody know the logic
 behind this? I have seen the words of Francois but I am opting for just
the
 opposite--instead of auto logging in, I want the _option_ to be able to
 select the NTLM-domain.

 Best Regards,

 SZ

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Thank you for the explanation Benjamin! I got it now. BTW, one note for 
others: Opera does not support NTLM. :(

- Original Message - 
From: Stadin, Benjamin [EMAIL PROTECTED]
To: twsocket@elists.org
Sent: Wednesday, September 13, 2006 7:38 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Normally you won't have a reason to use another domain, the server
: appplication uses the domain of the user account it is running with.
: Make sure your application is running with the domain account you want to
: use AND sufficent privileges (needed to query the user database).
:
: You have to give a domain user using domain\user - if, an only if, the
: server
: you're sending this information to is in *another* domain (with domain
: trustship) than the server application is working with.
:
: So that's necessary when domains are set up to trust each other. The 
Outlook
: web access I'm writing this email from prompts only for user name and
: password. I use this webmailer for years and it has always be the same, it
: looks the same with every browser that supports NTLM auth (IE, Firefox,
: konqueror, countless others on Unix and Solaris).
:
: I give you an example:
: My user account is in the default domain g where the server is in, but
: other users from a domain (ie d) that is trusted by domain g have to
: write d\myusername. The difference is that Windows will query the trusted
: domain instead to look in it's own user database. Only in this special 
case
: you need to specify another domain.
:
: - You will need hm... I don't remember ...years ago.. (not admin rights 
but
: at least helper privileges) to be able to query for other domain users
: than yourself. It's the credentials from the logged in (server) 
application
: user, if you are running with a local account you won't be able to query 
the
: domain controller.
: - You can *not* just give specify another domain in the user field if the
: serevrs are not set up to trust each other
: - You can also *not* authenticate users of another trusted domain, if you
: use trusted domains, without your application user having privileges in
: every of the trusted domains
:
: Benjamin Stadin
:
:
:
: Fastream Technologies schrieb:
: 
:  Ok, thank you for tolerating my insistence. I am trying to understand.
: 
:  There is just one issue left: under IE6XP, when I log in, I am not asked
: of
:  any NTLM-domain name! And assuming that it is like IE-FTP client, I 
cannot
:  find the log in change option in any menu! Does anybody know the logic
:  behind this? I have seen the words of Francois but I am opting for just
: the
:  opposite--instead of auto logging in, I want the _option_ to be able to
:  select the NTLM-domain.
: 
:  Best Regards,
: 
:  SZ
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Ok but let's say the server is running on multiple domains using a
 domain 
 controller. 

Then I guess that the default authenticating authority will be the DC, 
someone  needs to test that, anybody out there with a domain environment? 

 At simplest, a normal domain and the local domain.

I've never heard of a local domain, either your webserver box is a member of a 
domain
or it is a standalone box (in this case you have to ensure that any account is 
locally,
physically available on the webserver box).

 How
 does the 
 client decides which one of them to log on to? 

The client cannot know that in the firstplace, it only gets the WWW-Authenticate
headers, they do not include any domain information.

And why don't you fill
 in the 
 domain field in the NTLM msg 1?

I don't fill it in, the client fills it in!!

 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 7:25 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok, thank you for tolerating my insistence. I am trying to
 understand. 
 
 There is just one issue left: under IE6XP, when I log in, I am not
 asked of
 any NTLM-domain name!
 
 Because there's no Domain information anywhere, The server just sends
 HTTP header WWW-Athenticate: NTLM. The client the initiates
 NTLM authentication by sending the NTLM message 1 (which has a domain
 field, but that's mostly not filled)
 
 
 And assuming that it is like IE-FTP client, I
 cannot
 find the log in change option in any menu! Does anybody know the
 logic behind this? I have seen the words of Francois but I am opting
 for just the
 opposite--instead of auto logging in, I want the _option_ to be able
 to
 select the NTLM-domain.
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:48 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I mean the base64 message not the HTTP header.
 
 I'll give it up soon...
 THIS IS A CLIENT ISSUE!!
 The same happens when you try to access a protected page on
 IIS.
 
 
 
 Again,
 
 I think there is a misunderstanding. Yes that's what the page says
 and I
 mean: the msg contains the domain BUT in your code, the FF
 displays domain
 as  (null). That needs to be fixed. At least localhost or
 127.0.0.1
 should be displayed there.
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 6:36 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 I do not believe the empty domain implementation is correct!!
 
 What do you mean by that? A missing Domain HTTP header field?
 At least in my environment both IE as IIS do not sent any HTTP
 Domain header. AND M$ invented NTLM, it is undocumented.
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:59 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Hello Arno and Francois,
 
 I cannot debug Arno's demo: It stops at breakpoints but does not
 let me
 inspect:
 
 AFAIK it's not possible to do that, and BTW I don't believe your
 problem
 has to do with the ICS server. IE works for you, right? You may try
 Netscape
 as well.
 
 
 
 http://www.fastream.com/ics/arnoscreenshot2.png
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 5:10 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Ok. It is not related with port. One idea: my Windows username
 includes a space. Could this matter?
 
 Why don't you create a new account w/o a space and try that out by
 yourself?
 I created one including a space as well as including German
 spezific characters above 128 such as so called Umlauts like Ü,ü,
 and ß which is another form of ss.
 
 
 Should there be made any
 encoding/decoding?
 
 Best Regards,
 
 SZ
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:53 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Fastream Technologies wrote:
 Did you try a non-80 port?
 
 No I haven't, have you tried the standard port?
 
 Maybe that requires a domain in the header?
 
 - Original Message -
 From: Arno Garrels [EMAIL PROTECTED]
 To: ICS support mailing twsocket@elists.org
 Sent: Wednesday, September 13, 2006 4:36 PM
 Subject: Re: [twsocket] Fw: Urgent

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Arno,

You have the option to enter the NTLM domain name in msg1 of NTLM (base64 
encoded). That's what I mean.

Second, I still cannot get the FF to work. I believe this is an issue at 
least some customers would complain if I deploy now, wrong?

Regards,

SZ

- Original Message - 
From: Stadin, Benjamin [EMAIL PROTECTED]
To: twsocket@elists.org
Sent: Wednesday, September 13, 2006 7:38 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Normally you won't have a reason to use another domain, the server
: appplication uses the domain of the user account it is running with.
: Make sure your application is running with the domain account you want to
: use AND sufficent privileges (needed to query the user database).
:
: You have to give a domain user using domain\user - if, an only if, the
: server
: you're sending this information to is in *another* domain (with domain
: trustship) than the server application is working with.
:
: So that's necessary when domains are set up to trust each other. The 
Outlook
: web access I'm writing this email from prompts only for user name and
: password. I use this webmailer for years and it has always be the same, it
: looks the same with every browser that supports NTLM auth (IE, Firefox,
: konqueror, countless others on Unix and Solaris).
:
: I give you an example:
: My user account is in the default domain g where the server is in, but
: other users from a domain (ie d) that is trusted by domain g have to
: write d\myusername. The difference is that Windows will query the trusted
: domain instead to look in it's own user database. Only in this special 
case
: you need to specify another domain.
:
: - You will need hm... I don't remember ...years ago.. (not admin rights 
but
: at least helper privileges) to be able to query for other domain users
: than yourself. It's the credentials from the logged in (server) 
application
: user, if you are running with a local account you won't be able to query 
the
: domain controller.
: - You can *not* just give specify another domain in the user field if the
: serevrs are not set up to trust each other
: - You can also *not* authenticate users of another trusted domain, if you
: use trusted domains, without your application user having privileges in
: every of the trusted domains
:
: Benjamin Stadin
:
:
:
: Fastream Technologies schrieb:
: 
:  Ok, thank you for tolerating my insistence. I am trying to understand.
: 
:  There is just one issue left: under IE6XP, when I log in, I am not asked
: of
:  any NTLM-domain name! And assuming that it is like IE-FTP client, I 
cannot
:  find the log in change option in any menu! Does anybody know the logic
:  behind this? I have seen the words of Francois but I am opting for just
: the
:  opposite--instead of auto logging in, I want the _option_ to be able to
:  select the NTLM-domain.
: 
:  Best Regards,
: 
:  SZ
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Maurizio Lotauro
Scrive Fastream Technologies [EMAIL PROTECTED]:

 I think there is a misundestanding. Yes that's what the page says and I 
 mean: the msg contains the domain BUT in your code, the FF displays domain
 
 as  (null). That needs to be fixed. At least localhost or 127.0.0.1 
 should be displayed there.

Why? A domain name is not the name of a PC nor an IP address.


Bye, Maurizio.



This mail has been sent using Alpikom webmail system
http://www.alpikom.it

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Arno Garrels
Fastream Technologies wrote:
 Arno,
 
 You have the option to enter the NTLM domain name in msg1 of NTLM
 (base64 encoded). That's what I mean.

Again: NTLM message 1 is sent by the the client/browser!!


 
 Second, I still cannot get the FF to work. I believe this is an issue
 at least some customers would complain if I deploy now, wrong?
 
 Regards,
 
 SZ
 
 - Original Message -
 From: Stadin, Benjamin [EMAIL PROTECTED]
 To: twsocket@elists.org
 Sent: Wednesday, September 13, 2006 7:38 PM
 Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
 
 
 Normally you won't have a reason to use another domain, the server
 appplication uses the domain of the user account it is running with.
 Make sure your application is running with the domain account you
 want to use AND sufficent privileges (needed to query the user
 database). 
 
 You have to give a domain user using domain\user - if, an only if,
 the server
 you're sending this information to is in *another* domain (with
 domain trustship) than the server application is working with.
 
 So that's necessary when domains are set up to trust each other. The
 Outlook web access I'm writing this email from prompts only for user
 name and password. I use this webmailer for years and it has always
 be the same, it looks the same with every browser that supports NTLM
 auth (IE, Firefox, konqueror, countless others on Unix and Solaris).
 
 I give you an example:
 My user account is in the default domain g where the server is in,
 but other users from a domain (ie d) that is trusted by domain g
 have to write d\myusername. The difference is that Windows will
 query the trusted domain instead to look in it's own user database.
 Only in this special case you need to specify another domain.
 
 - You will need hm... I don't remember ...years ago.. (not admin
 rights but at least helper privileges) to be able to query for
 other domain users than yourself. It's the credentials from the
 logged in (server) application user, if you are running with a local
 account you won't be able to query the domain controller.
 - You can *not* just give specify another domain in the user field
 if the serevrs are not set up to trust each other
 - You can also *not* authenticate users of another trusted domain,
 if you use trusted domains, without your application user having
 privileges in every of the trusted domains
 
 Benjamin Stadin
 
 
 
 Fastream Technologies schrieb:
 
 Ok, thank you for tolerating my insistence. I am trying to
 understand. 
 
 There is just one issue left: under IE6XP, when I log in, I am not
 asked of any NTLM-domain name! And assuming that it is like IE-FTP
 client, I cannot find the log in change option in any menu! Does
 anybody know the logic behind this? I have seen the words of
 Francois but I am opting for just the opposite--instead of auto
 logging in, I want the _option_ to be able to select the NTLM-
 domain. 
 
 Best Regards,
 
 SZ
 
 --
 To unsubscribe or change your settings for TWSocket mailing list
 please goto http://www.elists.org/mailman/listinfo/twsocket
 Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Ok. I am trying to understand why the FF does not work...

- Original Message - 
From: Arno Garrels [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 8:05 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Fastream Technologies wrote:
:  Arno,
:  
:  You have the option to enter the NTLM domain name in msg1 of NTLM
:  (base64 encoded). That's what I mean.
: 
: Again: NTLM message 1 is sent by the the client/browser!!
: 
: 
:  
:  Second, I still cannot get the FF to work. I believe this is an issue
:  at least some customers would complain if I deploy now, wrong?
:  
:  Regards,
:  
:  SZ
:  
:  - Original Message -
:  From: Stadin, Benjamin [EMAIL PROTECTED]
:  To: twsocket@elists.org
:  Sent: Wednesday, September 13, 2006 7:38 PM
:  Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:  
:  
:  Normally you won't have a reason to use another domain, the server
:  appplication uses the domain of the user account it is running with.
:  Make sure your application is running with the domain account you
:  want to use AND sufficent privileges (needed to query the user
:  database). 
:  
:  You have to give a domain user using domain\user - if, an only if,
:  the server
:  you're sending this information to is in *another* domain (with
:  domain trustship) than the server application is working with.
:  
:  So that's necessary when domains are set up to trust each other. The
:  Outlook web access I'm writing this email from prompts only for user
:  name and password. I use this webmailer for years and it has always
:  be the same, it looks the same with every browser that supports NTLM
:  auth (IE, Firefox, konqueror, countless others on Unix and Solaris).
:  
:  I give you an example:
:  My user account is in the default domain g where the server is in,
:  but other users from a domain (ie d) that is trusted by domain g
:  have to write d\myusername. The difference is that Windows will
:  query the trusted domain instead to look in it's own user database.
:  Only in this special case you need to specify another domain.
:  
:  - You will need hm... I don't remember ...years ago.. (not admin
:  rights but at least helper privileges) to be able to query for
:  other domain users than yourself. It's the credentials from the
:  logged in (server) application user, if you are running with a local
:  account you won't be able to query the domain controller.
:  - You can *not* just give specify another domain in the user field
:  if the serevrs are not set up to trust each other
:  - You can also *not* authenticate users of another trusted domain,
:  if you use trusted domains, without your application user having
:  privileges in every of the trusted domains
:  
:  Benjamin Stadin
:  
:  
:  
:  Fastream Technologies schrieb:
:  
:  Ok, thank you for tolerating my insistence. I am trying to
:  understand. 
:  
:  There is just one issue left: under IE6XP, when I log in, I am not
:  asked of any NTLM-domain name! And assuming that it is like IE-FTP
:  client, I cannot find the log in change option in any menu! Does
:  anybody know the logic behind this? I have seen the words of
:  Francois but I am opting for just the opposite--instead of auto
:  logging in, I want the _option_ to be able to select the NTLM-
:  domain. 
:  
:  Best Regards,
:  
:  SZ
:  
:  --
:  To unsubscribe or change your settings for TWSocket mailing list
:  please goto http://www.elists.org/mailman/listinfo/twsocket
:  Visit our website at http://www.overbyte.be
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Stadin, Benjamin
Fastream Technologies schrieb:

 Arno,

 You have the option to enter the NTLM domain name in msg1 of NTLM (base64
 encoded). That's what I mean.
I'm not Arno but again, in the browser a domain is only specified in the
form domain\user in the user field of the browser's login window *if* the
user's account you want to use is in another domain which is trusted by the
server application domain. This is a special case.
I think this is not what you are trying to work with, so forget about it for
the moment.
Normally you may not be able (depends on security settings) to specify
another domain in the user field when the server application is running with
a user from a different domain than the user's specified domain name, or the
server app is using a local user. The auth request may fail then.
What sense would it make to use any domain you like? Why should the server
trust you?


 Second, I still cannot get the FF to work. I believe this is an issue at
 least some customers would complain if I deploy now, wrong?

 Regards,

 SZ

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Hello,

Here is the problematic FF log:

13.09.2006 21:50:09 Connection Opened

13.09.2006 21:50:09 From Local
GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 
(Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 
Firefox/1.5.0.6..Accept: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 
en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: 
windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: 
keep-alive

13.09.2006 21:50:09 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length: 
629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ 
Reverse ProxyHTMLHEADTITLE401
...

13.09.2006 21:50:17 From Local
GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 
(Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 
Firefox/1.5.0.6..Accept: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 
en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: 
windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: 
keep-alive..Authorization: NTLM 
TlRMTVNTUAABB4IIAAA=

13.09.2006 21:50:17 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM 
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
 
629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ 
Reverse ProxyHTMLHEADTITLE401 Authorization 
Required/TITLE/HEADBODYFONT
...

13.09.2006 21:50:17 From Local
GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0 
(Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 
Firefox/1.5.0.6..Accept: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
 
en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset: 
windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection: 
keep-alive..Authorization: NTLM 
TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=

13.09.2006 21:50:17 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM 
..Content-Length: 629..Content-Type: text/html..Connection: 
keep-alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
...


The IE6 response has a different WWW-authenticate. If NTLM is like Digest, 
then they should not be expected to be similar anyway (due to hashing).

Regards,

SZ

- Original Message - 
From: Maurizio Lotauro [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 9:06 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Scrive Fastream Technologies [EMAIL PROTECTED]:
:
: [...]
:
:  Second, I still cannot get the FF to work. I believe this is an issue at
:  least some customers would complain if I deploy now, wrong?
:
: But does IE work? In that case compare the log made with ethereal.
:
:
: Bye, Maurizio.
:
:
: 
: This mail has been sent using Alpikom webmail system
: http://www.alpikom.it
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
To sum up: we have just one bug/problem left. It is the FF compatibility and 
with IE it works fine now. However, Arno claims the code runs well on his 
FF1.5.0.6 but the same browser fails here to authenticate. I thought maybe 
that's because of my Turkish locale but neither my username nor my password 
contains any language-specific characters. Also user a with a blank 
password also fails. I have just one other browser that is Opera and it does 
not support NTLM. I tried with FlashGet and it worked fine in login mode 
though. So either this is a FF bug or what?

Thanks to all who helped me today: Arno, Benjamin, Maurizio and everybody 
else who simply took our traffic!

Best Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 10:04 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: Hello,
:
: Here is the problematic FF log:
:
: 13.09.2006 21:50:09 Connection Opened
:
: 13.09.2006 21:50:09 From Local
: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
: Firefox/1.5.0.6..Accept:
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
: keep-alive
:
: 13.09.2006 21:50:09 From Remote
: HTTP/1.1 401 Authorization Required..WWW-Authenticate: 
NTLM..Content-Length:
: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ
: Reverse ProxyHTMLHEADTITLE401
: ...
:
: 13.09.2006 21:50:17 From Local
: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
: Firefox/1.5.0.6..Accept:
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
: keep-alive..Authorization: NTLM
: TlRMTVNTUAABB4IIAAA=
:
: 13.09.2006 21:50:17 From Remote
: HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
: 
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ
: Reverse ProxyHTMLHEADTITLE401 Authorization
: Required/TITLE/HEADBODYFONT
: ...
:
: 13.09.2006 21:50:17 From Local
: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
: Firefox/1.5.0.6..Accept:
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
: keep-alive..Authorization: NTLM
: 
TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=
:
: 13.09.2006 21:50:17 From Remote
: HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
: ..Content-Length: 629..Content-Type: text/html..Connection:
: keep-alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
: ...
:
:
: The IE6 response has a different WWW-authenticate. If NTLM is like Digest,
: then they should not be expected to be similar anyway (due to hashing).
:
: Regards,
:
: SZ
:
: - Original Message - 
: From: Maurizio Lotauro [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Wednesday, September 13, 2006 9:06 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Scrive Fastream Technologies [EMAIL PROTECTED]:
::
:: [...]
::
::  Second, I still cannot get the FF to work. I believe this is an issue 
at
::  least some customers would complain if I deploy now, wrong?
::
:: But does IE work? In that case compare the log made with ethereal.
::
::
:: Bye, Maurizio.
::
::
:: 
:: This mail has been sent using Alpikom webmail system
:: http://www.alpikom.it
::
:: -- 
:: To unsubscribe or change your settings for TWSocket mailing list
:: please goto http://www.elists.org/mailman/listinfo/twsocket
:: Visit our website at http://www.overbyte.be
:
: -- 
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
News! Opera 9.01 available online from www.opera.com supports NTLM! :) Yet 
the bug also occurs on that software... :(

Arno, can you try my exe with Opera?

Best Regards,

SZ

- Original Message - 
From: Fastream Technologies [EMAIL PROTECTED]
To: ICS support mailing twsocket@elists.org
Sent: Wednesday, September 13, 2006 10:46 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)


: To sum up: we have just one bug/problem left. It is the FF compatibility 
and
: with IE it works fine now. However, Arno claims the code runs well on his
: FF1.5.0.6 but the same browser fails here to authenticate. I thought maybe
: that's because of my Turkish locale but neither my username nor my 
password
: contains any language-specific characters. Also user a with a blank
: password also fails. I have just one other browser that is Opera and it 
does
: not support NTLM. I tried with FlashGet and it worked fine in login mode
: though. So either this is a FF bug or what?
:
: Thanks to all who helped me today: Arno, Benjamin, Maurizio and everybody
: else who simply took our traffic!
:
: Best Regards,
:
: SZ
:
: - Original Message - 
: From: Fastream Technologies [EMAIL PROTECTED]
: To: ICS support mailing twsocket@elists.org
: Sent: Wednesday, September 13, 2006 10:04 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Hello,
::
:: Here is the problematic FF log:
::
:: 13.09.2006 21:50:09 Connection Opened
::
:: 13.09.2006 21:50:09 From Local
:: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:: Firefox/1.5.0.6..Accept:
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:: keep-alive
::
:: 13.09.2006 21:50:09 From Remote
:: HTTP/1.1 401 Authorization Required..WWW-Authenticate:
: NTLM..Content-Length:
:: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ
:: Reverse ProxyHTMLHEADTITLE401
:: ...
::
:: 13.09.2006 21:50:17 From Local
:: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:: Firefox/1.5.0.6..Accept:
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:: keep-alive..Authorization: NTLM
:: TlRMTVNTUAABB4IIAAA=
::
:: 13.09.2006 21:50:17 From Remote
:: HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
::
: 
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
:: 629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ
:: Reverse ProxyHTMLHEADTITLE401 Authorization
:: Required/TITLE/HEADBODYFONT
:: ...
::
:: 13.09.2006 21:50:17 From Local
:: GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
:: (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
:: Firefox/1.5.0.6..Accept:
::
: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
:: en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
:: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
:: keep-alive..Authorization: NTLM
::
: 
TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=
::
:: 13.09.2006 21:50:17 From Remote
:: HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
:: ..Content-Length: 629..Content-Type: text/html..Connection:
:: keep-alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
:: ...
::
::
:: The IE6 response has a different WWW-authenticate. If NTLM is like 
Digest,
:: then they should not be expected to be similar anyway (due to hashing).
::
:: Regards,
::
:: SZ
::
:: - Original Message - 
:: From: Maurizio Lotauro [EMAIL PROTECTED]
:: To: ICS support mailing twsocket@elists.org
:: Sent: Wednesday, September 13, 2006 9:06 PM
:: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::
::
::: Scrive Fastream Technologies [EMAIL PROTECTED]:
:::
::: [...]
:::
:::  Second, I still cannot get the FF to work. I believe this is an issue
: at
:::  least some customers would complain if I deploy now, wrong?
:::
::: But does IE work? In that case compare the log made with ethereal.
:::
:::
::: Bye, Maurizio.
:::
:::
::: 
::: This mail has

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Maurizio Lotauro
Scrive Fastream Technologies [EMAIL PROTECTED]:

 Hello,
 
 Here is the problematic FF log:

[...]

A file version would be better, and of both browser.

 The IE6 response has a different WWW-authenticate. If NTLM is like Digest, 
 then they should not be expected to be similar anyway (due to hashing).

But they should not differ in the domain/user part.


Bye, Maurizio.


This mail has been sent using Alpikom webmail system
http://www.alpikom.it

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be


Re: [twsocket] Fw: Urgent (Another simple NTLM question)

2006-09-13 Thread Fastream Technologies
Here is the full log:

FireFox 1.5.0.6:

13.09.2006 21:50:09 Connection Opened

13.09.2006 21:50:09 From Local
GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
(Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
Firefox/1.5.0.6..Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
keep-alive

13.09.2006 21:50:09 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length:
629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ
Reverse ProxyHTMLHEADTITLE401 Authorization
...

13.09.2006 21:50:17 From Local
GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
(Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
Firefox/1.5.0.6..Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
keep-alive..Authorization: NTLM
TlRMTVNTUAABB4IIAAA=

13.09.2006 21:50:17 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
TlRMTVNTUAACDAAMADgFgooC/difEScUAFYAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
629..Content-Type: text/html..Connection: keep-alive..Server: Fastream IQ
Reverse ProxyHTMLHEADTITLE401 Authorization
...

13.09.2006 21:50:17 From Local
GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: Mozilla/5.0
(Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728
Firefox/1.5.0.6..Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
keep-alive..Authorization: NTLM
TlRMTVNTUAADGAAYAGIYABgAegBAFgAWAEAMAAwAVgAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwBShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=

13.09.2006 21:50:17 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
..Content-Length: 629..Content-Type: text/html..Connection:
keep-alive..Server: Fastream IQ Reverse ProxyHTMLHEADTITLE401
...

Still asking for password hereForever...

IE6XP:

13.09.2006 21:48:06 Connection Opened

13.09.2006 21:48:06 From Local
GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel, application/msword,
application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding:
gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection:
Keep-Alive..Cookie: IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D

13.09.2006 21:48:06 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM..Content-Length:
629..Content-Type: text/html..Connection: Keep-Alive..Server: Fastream IQ
Reverse ProxyHTMLHEADTITLE401 Authorization
...

13.09.2006 21:48:06 From Local
GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel, application/msword,
application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding:
gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection:
Keep-Alive..Authorization: NTLM
TlRMTVNTUAABB7IIogkACQAuBgAGACgFASgKD0xBUFRPUFdPUktHUk9VUA==..Cookie:
IQDomain=NAME=949BB1BDF325862423C53938CEA5EB6D

13.09.2006 21:48:06 From Remote
HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
TlRMTVNTUAACDAAMADgFwoqi1rIk+abQsBfodhAAAEwATABEBQEoCg9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEA..Content-Length:
629..Content-Type: text/html..Connection: Keep-Alive..Server: Fastream IQ
Reverse ProxyHTMLHEADTITLE401 Authorization
...

13.09.2006 21:48:06 From Local
GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel, application/msword,
application/vnd.ms-powerpoint, */*..Accept-Language: tr..Accept-Encoding:
gzip, deflate..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; SV1; .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection:
Keep-Alive..Authorization: NTLM
TlRMTVNTUAADAEgASABIAEgASABIBcKIogUBKAoP..Cookie: