Re: Use libwin32 along with HTTP-DAV?

Tue, 30 Nov 2010 15:18:23 -0800 

Hi,

the main problem seems to be Authen::NTLM.

There are two packages with this name present on CPAN:
- (1) http://search.cpan.org/~buzz/NTLM-1.05/ (used along with 
LWP::Authen::NTLM)
- (2) http://search.cpan.org/dist/Authen-NTLM/ (not used)

I have tested both of them accessing a sharepoint (IIS6) and an APACHE server 
with mod_auth_sspi (http://sourceforge.net/projects/mod-auth-sspi/). And IIS 
and APACHE show the same behavior for each of the two packages: return a 500 
internal server error in response to the Negotiate Message.

Since NTLM access works with CURL, I compared the headers sent by CURL and 
those sent by the perl modules. And they're way different:
the CURL headers don't seem to have anything in the DomainName- and 
Workstation-Fields and it's Negotiate Message is accepted by both of the 
servers, whereas the headers of the two perl modules both turn into the 500 
internal server error.

I think, the work that needs to be done is not in the HTTP::DAV module but in 
the Authen::NTLM module itself.
And since module (1) above is used directly by LWP, I'd prefer to do a 
re-implementation of the module so that it truly matches the specification.

By the way: on several places I came through during the investigations to this 
topic, there was claimed that NTLM has to be re-engineered 'cause there's no 
specification available. But MSDN obviously has one: 
http://msdn.microsoft.com/en-us/library/cc236621

Am 30.11.2010, 09:47 Uhr, schrieb Cosimo Streppone <cos...@streppone.it>:


On Mon, 29 Nov 2010 19:13:07 +0100, eckes <meliundec...@googlemail.com>
wrote:


I'm currently trying to access a sharepoint server (IIS) using perl.
The server allows only login through NTLM.

[...]

Therefore, I'd like to know:
- can I use libwin32 to authenticate via NTLM?
- if so, can I take the libwin32 object together with the HTTP-DAV
module? Has this been done before?


I seem to remember someone has tried this in the past
without great results.

I have no whatsoever knowledge of NTLM,
nor any IIS systems on which I can test this, but
as the current maintainer of HTTP::DAV, I'm definitely
willing to help you integrating a working Authen::NTLM
into HTTP::DAV, whatever that might mean.

Ping me or open a ticket on HTTP::DAV,

   https://rt.cpan.org/Public/Dist/Display.html?Name=HTTP-DAV




--
Markus & Melanie Erlmann
Röthenbacher Hauptstrasse 84
90449 Nürnberg

0911-8018085

Reply via email to