I'm thinging to write a NTLM credential plugin for zope3. But as I know, ntlm use 4-way handshake procedure, that means it needs two round-trips between server(zope3) and client(browser).
When I look in the credential plugins, it has challenge mothed. But seems it is only design for 1 round-trip protocol. It can issue one challenge, and return to parent script.
The question is: How can I do this kind 4-way handshake within the challenge mothed or is there any other way design for this kind protocol?
Attach: NTLM handshake
1: C --> S GET ... 2: C <-- S 401 Unauthorized WWW-Authenticate: NTLM 3: C --> S GET ... Authorization: NTLM <base64-encoded type-1-message> 4: C <-- S 401 Unauthorized WWW-Authenticate: NTLM <base64-encoded type-2-message> 5: C --> S GET ... Authorization: NTLM <base64-encoded type-3-message> 6: C <-- S 200 Ok
_______________________________________________ Zope3-users mailing list Zope3email@example.com http://mail.zope.org/mailman/listinfo/zope3-users