[squeak-dev] Re: WebClient with proxy NTLM authentication
Andreas Raab
andreas.raab at gmx.de
Thu Sep 16 20:38:06 UTC 2010
On 9/16/2010 12:03 PM, Denis Kudriashov wrote:
> Thank you, Andreas for response.
>
> I really prefer 1) option. I hate C stuff.
> I examine VW code for NTLM and It's not really difficult.
Could be. My reason to go with option 2) was that doing it this way gets
you Kerberos authentication (Negotiate/SPNEGO) for free, which was a
customer requirement for our deployments.
Cheers,
- Andreas
>
> And maybe I can use CurlPlugin for that. It's will be more simple
> solution for me
>
> 2010/9/16 Andreas Raab <andreas.raab at gmx.de <mailto:andreas.raab at gmx.de>>
>
> On 9/16/2010 5:43 AM, Denis Kudriashov wrote:
>
> Is WebClient supports proxy NTLM authentication?
>
>
> It doesn't.
>
>
> If not Can you advise me how two implement it?
>
>
> You have basically two options:
> 1) Implement it from scratch. There are a number of resources that
> describe NTLM in detail (basically reverse-engineered since there's
> no official documentation), for example:
>
> http://www.innovation.ch/personal/ronald/ntlm.html
>
> 2) Implement it via a plugin using the Microsoft SSP interface. Your
> starting point would be here:
>
> http://msdn.microsoft.com/en-us/library/aa375512%28VS.85%29.aspx
>
> FWIW, we went for option #2 in our products; the authentication part
> is tricky (lots of details) but straightforward in principle (i.e.,
> you basically call InitializeSecurityContext twice and are done).
>
> Cheers,
> - Andreas
>
>
>
>
>
More information about the Squeak-dev
mailing list
|