Re: [twsocket] NTLM AUTH

2006-01-22 Thread Arno Garrels
Francois PIETTE wrote:
> Maybe this link will help you: http://davenport.sourceforge.net/ntlm.html

I know this article; it's one reason for my question concerning the current
NTLM implementation in the HttpClient.

Arno Garrels   


> 
> --
> [EMAIL PROTECTED]
> http://www.overbyte.be
> 
> - Original Message -
> From: "Arno Garrels" <[EMAIL PROTECTED]>
> To: "ICS support mailing" 
> Sent: Sunday, January 22, 2006 7:45 PM
> Subject: [twsocket] NTLM AUTH
> 
> 
>> Hi,
>> 
>> I've played a bit with NTLM since I wanted to find a server-side
>> solution to accept NTLM authenticated users. BTW: The key is SSPI
>> on Windows systems.
>> 
>> In current NTLM implementation, in IcsNtlmMsgs.NtlmGetMessage2
>> there's something I do not understand, which has to do with the
>> Domain-discussion in a previous thread.
>> 
>> As I understand it now, the server replies to the Type1 msg with
>> a Type2 msg which includes the domain and host name (depending
>> on the flags either as Unicode or OEM).
>> However in HTTPCli-NTLM implementation Type1 msg is being sent with an
>> empty DomainName as well as an empty HostName always. Later field
>> Host is populated in Type3 msg with LocalhostName, why??
>> I wonder why we do not pass the Domain in Type1 msg and in function
>> THttpCli.GetNTLMMessage3 we just pass the fields returned from the
>> server like that:
>> Result := NtlmGetMessage3(FNTLMMsg2Info.Domain, //'',
>>  FNTLMMsg2Info.Server, // Hostname,
>> { FNTLMUsercode, FNTLMPassword, }
>>  FCurrUsername, FCurrPassword,
>>  FNTLMMsg2Info.Challenge);
>> 
>> 
>> Also the flags are not checked in NtlmGetMessage2, but Type3 msg
>> is always sent Unicode, what happens if the server doesn't support
>> it (it mostly will support it, but who knows?).
>> 
>> Arno Garrels
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
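
The flag check raised in the quoted question, as an added example (not ICS code and not written by either poster): a minimal Type 2 parser in Python that reads the negotiate flags and decodes the target name as Unicode or OEM accordingly, using the message layout from the Davenport document linked above. The function names, the cp437 OEM code page and the `build_type2` sample builder are assumptions made for this illustration.

```python
import struct

NTLMSSP_SIGNATURE = b"NTLMSSP\x00"
NEGOTIATE_UNICODE = 0x00000001  # strings in the messages are UTF-16LE
NEGOTIATE_OEM = 0x00000002      # strings are in the OEM code page
OEM_CODEPAGE = "cp437"  # assumption: the real OEM code page depends on the peer's locale


class NtlmParseError(ValueError):
    """Raised when a Type 2 message is malformed or inconsistent."""


def parse_type2(msg: bytes) -> dict:
    """Parse the fixed 32-byte part of a Type 2 message plus its target name."""
    if len(msg) < 32:
        raise NtlmParseError("message shorter than the 32-byte minimum")
    sig, msg_type = struct.unpack_from("<8sI", msg, 0)
    if sig != NTLMSSP_SIGNATURE or msg_type != 2:
        raise NtlmParseError("not an NTLMSSP Type 2 message")
    # Security buffer: length, allocated length, offset from message start.
    name_len, _alloc, name_off = struct.unpack_from("<HHI", msg, 12)
    (flags,) = struct.unpack_from("<I", msg, 20)
    # The offset is server-supplied, so bounds-check it before slicing.
    if name_len and (name_off < 32 or name_off + name_len > len(msg)):
        raise NtlmParseError("target name buffer points outside the message")
    raw = msg[name_off:name_off + name_len]
    # The flags decide the string encoding; Type 3 strings should use the same one.
    if flags & NEGOTIATE_UNICODE:
        encoding = "utf-16-le"
    elif flags & NEGOTIATE_OEM:
        encoding = OEM_CODEPAGE
    else:
        raise NtlmParseError("server selected neither Unicode nor OEM")
    try:
        target = raw.decode(encoding)
    except UnicodeDecodeError as exc:
        raise NtlmParseError("target name does not match the flagged encoding") from exc
    return {"flags": flags, "challenge": msg[24:32],
            "target": target, "encoding": encoding}


def build_type2(target: str, flags: int, challenge: bytes) -> bytes:
    """Build a constructed sample Type 2 message (minimal form, no target info)."""
    enc = "utf-16-le" if flags & NEGOTIATE_UNICODE else OEM_CODEPAGE
    data = target.encode(enc)
    header = struct.pack("<8sIHHII8s", NTLMSSP_SIGNATURE, 2,
                         len(data), len(data), 32, flags, challenge)
    return header + data
```

The `encoding` value returned here is what a client would consult before encoding the domain, user and host strings of its Type 3 reply, instead of assuming Unicode.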


Re: [twsocket] NTLM AUTH

2006-01-22 Thread Francois PIETTE
Maybe this link will help you: http://davenport.sourceforge.net/ntlm.html

--
[EMAIL PROTECTED]
http://www.overbyte.be

- Original Message - 
From: "Arno Garrels" <[EMAIL PROTECTED]>
To: "ICS support mailing" 
Sent: Sunday, January 22, 2006 7:45 PM
Subject: [twsocket] NTLM AUTH


> Hi,
> 
> I've played a bit with NTLM since I wanted to find a server-side
> solution to accept NTLM authenticated users. BTW: The key is SSPI
> on Windows systems.
> 
> In current NTLM implementation, in IcsNtlmMsgs.NtlmGetMessage2 
> there's something I do not understand, which has to do with the
> Domain-discussion in a previous thread.
> 
> As I understand it now, the server replies to the Type1 msg with 
> a Type2 msg which includes the domain and host name (depending
> on the flags either as Unicode or OEM).
> However in HTTPCli-NTLM implementation Type1 msg is being sent with an 
> empty DomainName as well as an empty HostName always. Later field
> Host is populated in Type3 msg with LocalhostName, why??
> I wonder why we do not pass the Domain in Type1 msg and in function
> THttpCli.GetNTLMMessage3 we just pass the fields returned from the
> server like that:
> Result := NtlmGetMessage3(FNTLMMsg2Info.Domain, //'',
>  FNTLMMsg2Info.Server, // Hostname,
> { FNTLMUsercode, FNTLMPassword, }
>  FCurrUsername, FCurrPassword,
>  FNTLMMsg2Info.Challenge);
> 
> 
> Also the flags are not checked in NtlmGetMessage2, but Type3 msg
> is always sent Unicode, what happens if the server doesn't support
> it (it mostly will support it, but who knows?).
> 
> Arno Garrels