Also even with IE6XP, POST does not work under my reverse proxy whereas it works with Digest. Digest also has a 3-message mechanism. Did you test with POST??
Regards, SZ ----- Original Message ----- From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" <twsocket@elists.org> Sent: Thursday, September 14, 2006 1:48 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies wrote: : > Latest report: when I used the Administrator account of Windows, it : > worked! :) So I am beginning to think this is a problem with security : > policies of some Windows. : : Yesterday I tested on a out-of-the-box, new XP SP2 installation, since : this box had a hd crash :( Yes, there are policies dealing with NTLM, : maybe you tweaked them? : : Anyway provide us a Ethereal logfile. Ethereal : does a great job parsing the various NTLM messages! : : --- : Arno Garrels [TeamICS] : http://www.overbyte.be/eng/overbyte/teamics.html : : : : > Regards, : > : > SZ : > : > ----- Original Message ----- : > From: "Fastream Technologies" <[EMAIL PROTECTED]> : > To: "ICS support mailing" <twsocket@elists.org> : > Sent: Thursday, September 14, 2006 1:15 PM : > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : > : > : >> Now it gives SEC_E_LOGON_DENIED. :( : >> : >> Regards, : >> : >> SZ : >> : >> ----- Original Message ----- : >> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >> To: "ICS support mailing" <twsocket@elists.org> : >> Sent: Thursday, September 14, 2006 12:30 PM : >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >> : >> : >>> Hello, : >>> : >>> I found the problem source pinpointed: : >>> : >>> : >>> if Sec < 0 then : >>> begin : >>> {$IFDEF DEBUG_EXCEPTIONS} : >>> Exception.CreateFmt('Init context failed: 0x%x', [Sec]); : >>> // Sec -2146893048 (0x80090308) : >>> : >>> {$ELSE} : >>> Result := ''; : >>> FState := lsDoneErr; : >>> Exit; : >>> {$ENDIF} : >>> end; : >>> : >>> When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so : >>> works! : >>> : >>> Best Regards, : >>> : >>> SZ : >>> : >>> ----- Original Message ----- : >>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>> To: "ICS support mailing" <twsocket@elists.org> : >>> Sent: Thursday, September 14, 2006 12:08 PM : >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>> : >>> : >>>> Fastream Technologies wrote: : >>>>> Also the unicode directive enabled, it does not compile! Perhaps : >>>>> that could be a cure?! : >>>> : >>>> No, internally user names, domain names etc. are unicoded anyway. : >>>> To enable the unicode versions of the SSPI functions you need to : >>>> uncomment both defines in OverbyteIcsNtlmSsp.pas as well as in : >>>> OverbyteIcsSspi.pas. : >>>> : >>>>> : >>>>> Regards, : >>>>> : >>>>> SZ : >>>>> : >>>>> ----- Original Message ----- : >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >>>>> To: "ICS support mailing" <twsocket@elists.org> : >>>>> Sent: Thursday, September 14, 2006 11:40 AM : >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>> : >>>>> : >>>>>> Hi Arno, : >>>>>> : >>>>>> I also wonder if this could be a lifetime/time zone problem? We : >>>>>> are GMT+200. What is the timeout period of this authentication : >>>>>> and did you consider different time zones? : >>>>>> : >>>>>> Best Regards, : >>>>>> : >>>>>> SZ : >>>>>> : >>>>>> ----- Original Message ----- : >>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >>>>>> To: "ICS support mailing" <twsocket@elists.org> : >>>>>> Sent: Thursday, September 14, 2006 11:31 AM : >>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : >>>>>> : >>>>>> : >>>>>>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it : >>>>>>> worked and gave no errors/exceptions! But I cannot deploy in : >>>>>>> this form... ;( : >>>>>>> : >>>>>>> SZ : >>>>>>> : >>>>>>> ----- Original Message ----- : >>>>>>> From: "Arno Garrels" <[EMAIL PROTECTED]> : >>>>>>> To: "ICS support mailing" <twsocket@elists.org> : >>>>>>> Sent: Thursday, September 14, 2006 10:49 AM : >>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM : >>>>>>> question) : >>>>>>> : >>>>>>> : >>>>>>>> I tested with Opera successfully! : >>>>>>>> : >>>>>>>> Change the format string below in order to get a hex display : >>>>>>>> like: raise Exception.CreateFmt('Init context failed: 0x%x', : >>>>>>>> [Sec]); : >>>>>>>> : >>>>>>>> Post the hex value. : >>>>>>>> : >>>>>>>> : >>>>>>>> : >>>>>>>> Fastream Technologies wrote: : >>>>>>>>> Hello, : >>>>>>>>> : >>>>>>>>> With FF, after msg3, : >>>>>>>>> : >>>>>>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred, : >>>>>>>>> pHCtx, : >>>>>>>>> @InBuffDesc, : >>>>>>>>> : >>>>>>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements : >>>>>>>>> : >>>>>>>>> SECURITY_NATIVE_DREP, : >>>>>>>>> @FHCtx, : >>>>>>>>> @OutBuffDesc, : >>>>>>>>> ContextAttr, : >>>>>>>>> Lifetime); if Sec < 0 then : >>>>>>>>> begin // enters here with Sec = -2^31 : >>>>>>>>> {$IFDEF DEBUG_EXCEPTIONS} : >>>>>>>>> raise Exception.CreateFmt('Init context failed: : >>>>>>>>> %d', [Sec]); {$ELSE} : >>>>>>>>> Result := ''; : >>>>>>>>> FState := lsDoneErr; : >>>>>>>>> Exit; : >>>>>>>>> {$ENDIF} : >>>>>>>>> end; : >>>>>>>>> : >>>>>>>>> Arno, do you have any idea? : >>>>>>>>> : >>>>>>>>> Best Regards, : >>>>>>>>> : >>>>>>>>> SZ : >>>>>>>>> : >>>>>>>>> ----- Original Message ----- : >>>>>>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]> : >>>>>>>>> To: "ICS support mailing" <twsocket@elists.org> : >>>>>>>>> Sent: Thursday, September 14, 2006 8:20 AM : >>>>>>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM : >>>>>>>>> question) : >>>>>>>>> : >>>>>>>>> : >>>>>>>>>> Here is the full log: : >>>>>>>>>> : >>>>>>>>>> FireFox 1.5.0.6: : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:09 Connection Opened : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:09 From Local : >>>>>>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: : >>>>>>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) : >>>>>>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : >>>>>>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept- : >>>>>>>>>> Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: : >>>>>>>>>> 300..Connection: keep-alive.... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:09 From Remote : >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: : >>>>>>>>>> NTLM..Content- Length: 629..Content-Type: : >>>>>>>>>> text/html..Connection: keep- alive..Server: Fastream IQ : >>>>>>>>>> Reverse Proxy....<HTML><HEAD><TITLE>401 Authorization ... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:17 From Local : >>>>>>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: : >>>>>>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) : >>>>>>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : >>>>>>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept- : >>>>>>>>>> Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: : >>>>>>>>>> 300..Connection: keep-alive..Authorization: NTLM : >>>>>>>>>> TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=.... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:17 From Remote : >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > TlRMTVNTUAACAAAADAAMADgAAAAFgooC/difEScUAFYAAAAAAAAAAEwATABEAAAABQEoCgAAAA9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEAAAAAAAAA..Content-Length: : >>>>>>>>>> 629..Content-Type: text/html..Connection: keep-alive..Server: : >>>>>>>>>> Fastream IQ Reverse Proxy....<HTML><HEAD><TITLE>401 : >>>>>>>>>> Authorization ... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:17 From Local : >>>>>>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent: : >>>>>>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) : >>>>>>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept: : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language: : >>>>>>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept- : >>>>>>>>>> Charset: windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: : >>>>>>>>>> 300..Connection: keep-alive..Authorization: NTLM : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > TlRMTVNTUAADAAAAGAAYAGIAAAAYABgAegAAAAAAAABAAAAAFgAWAEAAAAAMAAwAVgAAAAAAAAAAAAAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwAAAAAAAAAAAAAAAAAAAABShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=.... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:50:17 From Remote : >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : >>>>>>>>>> ..Content-Length: 629..Content-Type: text/html..Connection: : >>>>>>>>>> keep-alive..Server: Fastream IQ Reverse : >>>>>>>>>> Proxy....<HTML><HEAD><TITLE>401 ... : >>>>>>>>>> : >>>>>>>>>> Still asking for password here....Forever... : >>>>>>>>>> : >>>>>>>>>> IE6XP: : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 Connection Opened : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 From Local : >>>>>>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, : >>>>>>>>>> image/jpeg, image/pjpeg, application/x-shockwave-flash, : >>>>>>>>>> application/vnd.ms- excel, application/msword, : >>>>>>>>>> application/vnd.ms-powerpoint, */*..Accept-Language: : >>>>>>>>>> tr..Accept-Encoding: gzip, deflate..User- Agent: Mozilla/4.0 : >>>>>>>>>> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR : >>>>>>>>>> 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep- : >>>>>>>>>> Alive..Cookie: : >>>>>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D.... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 From Remote : >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: : >>>>>>>>>> NTLM..Content- Length: 629..Content-Type: : >>>>>>>>>> text/html..Connection: Keep- Alive..Server: Fastream IQ : >>>>>>>>>> Reverse Proxy....<HTML><HEAD><TITLE>401 Authorization ... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 From Local : >>>>>>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, : >>>>>>>>>> image/jpeg, image/pjpeg, application/x-shockwave-flash, : >>>>>>>>>> application/vnd.ms- excel, application/msword, : >>>>>>>>>> application/vnd.ms-powerpoint, */*..Accept-Language: : >>>>>>>>>> tr..Accept-Encoding: gzip, deflate..User- Agent: Mozilla/4.0 : >>>>>>>>>> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR : >>>>>>>>>> 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep- : >>>>>>>>>> Alive..Authorization: NTLM : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > TlRMTVNTUAABAAAAB7IIogkACQAuAAAABgAGACgAAAAFASgKAAAAD0xBUFRPUFdPUktHUk9VUA==..Cookie: : >>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D.... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 From Remote : >>>>>>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > TlRMTVNTUAACAAAADAAMADgAAAAFwoqi1rIk+abQsBfodhAAAAAAAEwATABEAAAABQEoCgAAAA9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEAAAAAAAAA..Content-Length: : >>>>>>>>>> 629..Content-Type: text/html..Connection: Keep-Alive..Server: : >>>>>>>>>> Fastream IQ Reverse Proxy....<HTML><HEAD><TITLE>401 : >>>>>>>>>> Authorization ... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 From Local : >>>>>>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, : >>>>>>>>>> image/jpeg, image/pjpeg, application/x-shockwave-flash, : >>>>>>>>>> application/vnd.ms- excel, application/msword, : >>>>>>>>>> application/vnd.ms-powerpoint, */*..Accept-Language: : >>>>>>>>>> tr..Accept-Encoding: gzip, deflate..User- Agent: Mozilla/4.0 : >>>>>>>>>> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR : >>>>>>>>>> 1.1.4322)..Host: fastream.homeip.net:82..Connection: Keep- : >>>>>>>>>> Alive..Authorization: NTLM : >>>>>>>>>> : >>>>>>> : >>>>>> : >>>>> : >>> : >> : > TlRMTVNTUAADAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAABcKIogUBKAoAAAAP..Cookie: : >>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D.... : >>>>>>>>>> : >>>>>>>>>> 13.09.2006 21:48:06 From Remote : >>>>>>>>>> HTTP/1.1 200 OK..Content-Type: text/html..Connection: Keep- : >>>>>>>>>> Alive..Server: Fastream IQ Web/FTP Server..Content-Length: : >>>>>>>>>> 14718..Content-Encoding: gzip..Set-Cookie: : >>>>>>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D; PATH=/; : >>>>>>>>>> EXPIRES=Thu, 01 Jan 2009 21:48:06;"..Via: Fastream IQ Reverse : >>>>>>>>>> Proxy.....<data here> : >>>>>>>>>> : >>>>>>>>>> : >>>>>>>>>> I cut the data sections to obey the ICS list 40kB limit here. : >>>>>>>>>> : >>>>>>>>>> Best Regards, : >>>>>>>>>> : >>>>>>>>>> SZ : >>>>>>>>>> : >>>>>>>>>> -- : >>>>>>>>>> To unsubscribe or change your settings for TWSocket mailing : >>>>>>>>>> list please goto : >>>>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our : >>>>>>>>>> website at http://www.overbyte.be : >>>>>>>> -- : >>>>>>>> To unsubscribe or change your settings for TWSocket mailing : >>>>>>>> list please goto : >>>>>>>> http://www.elists.org/mailman/listinfo/twsocket Visit our : >>>>>>>> website at http://www.overbyte.be : >>>>>>> : >>>>>>> -- : >>>>>>> To unsubscribe or change your settings for TWSocket mailing list : >>>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>>>>> Visit our website at http://www.overbyte.be : >>>>>> : >>>>>> -- : >>>>>> To unsubscribe or change your settings for TWSocket mailing list : >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>>>> Visit our website at http://www.overbyte.be : >>>> -- : >>>> To unsubscribe or change your settings for TWSocket mailing list : >>>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>>> Visit our website at http://www.overbyte.be : >>> : >>> -- : >>> To unsubscribe or change your settings for TWSocket mailing list : >>> please goto http://www.elists.org/mailman/listinfo/twsocket : >>> Visit our website at http://www.overbyte.be : >> : >> -- : >> To unsubscribe or change your settings for TWSocket mailing list : >> please goto http://www.elists.org/mailman/listinfo/twsocket : >> Visit our website at http://www.overbyte.be : -- : To unsubscribe or change your settings for TWSocket mailing list : please goto http://www.elists.org/mailman/listinfo/twsocket : Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be