Another interesting link is this one: http://codecentral.borland.com/Item.aspx?id=16213 It contains code to validate usercode/password on a Windows domain. It is a Delphi translation of the code in the article: http://support.microsoft.com/default.aspx?scid=kb;EN-US;180548
-- [EMAIL PROTECTED] http://www.overbyte.be ----- Original Message ----- From: "Tibor Csonka" <[EMAIL PROTECTED]> To: "'ICS support mailing'" <twsocket@elists.org> Sent: Wednesday, June 29, 2005 12:40 PM Subject: RE: [twsocket] HttpSrv: implementing NTLM > Apache itself do not support NTLM but take a look at this: > > http://modntlm.sourceforge.net/ > > it's supposed to be a module for Apache. I think they have sources also. > It > may be helpful. > > Regards > Tibor Csonka > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Maurizio Lotauro > Sent: Tuesday, June 28, 2005 4:41 AM > To: ICS support mailing > Subject: Re: [twsocket] HttpSrv: implementing NTLM > > On 23-Jun-05 07:40:28 Francois Piette wrote: > >>> As you can see the server must at least generate the Challenge when >>> speak with an ICS client, and keep it to elaborate the Message3. >>> >>> While from the client side we are "free" to set flags and fields with >>> specific values, the server should be able to hadle all possible >>> values if it must answer to a client different from ICS. > >>This client/server dialog occurs in a single TCP session handled by a > single >>TWSocket at server side. You can store anything you like n that TWSocket >>without collision with other clients. > > That's clear, but there is still the problem how to handle request > made from clients that aren't based on ICS, if they set flags and > fields with values that are different from the "fixed" one set by > THttpCli. > > In conclusion, it seems to me that implementing the NTLM in the > server will require lot of time, and at the moment I don't have so > much time. > And I don't known if it worth the effort. Maybe it would be better to > invest that time implementing a more standard authentication (client > and server) instead for a proprietary and not dodumented like NTLM. > > For example, Apache or other web servers different fom M$ are able to > accept NTLM authentication? (Not a rhetorical question, I really > don't know) > > > Bye, Maurizio. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
