Re: [twsocket] THttpSrv supporting NTLM Beta (updated)

I debugged the code and this is the problem (client sending data before receiving 401). Here is my idea: In OnDataAvailable, instead of FRcvdLine = RecieveStr(); we need to count the number of bytes we receive and then pass to the hcRequest state (PostDataReceived()) after that! Regards, SZ

[twsocket] complex problem, probably not ICS related

Hello, sorry, this will be just a tiny bit longer... ;-) I'm currently building some large application where several parts will act together. Two of them are connected via TCP and TWSocket. One is client and one server (okay there is TWSocketServer, but since there's always a 1:1 relation between

Re: [twsocket] THttpSrv supporting NTLM Beta (updated)

Fastream Technologies schrieb: > > I see why I did not face this problem before with other auth methods: > because they (basic + digest) send 401 response only once per connection and > the first request most probably is a GET. However, NTLM requires each > request to have its own 401! That would

Re: [twsocket] THttpSrv supporting NTLM Beta (updated)

> : > : > :: Hi, > :: > :: For those of you not having followed the very long thread Urgent... > :: Here is an updated version of the THttpSrv supporting NTLM available. > :: http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip > :: > :: Read readme.txt for how to install.

Re: [twsocket] THttpSrv supporting NTLM Beta (updated)

Here is an updated version of the THttpSrv supporting NTLM available. >> http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip >> >> Read readme.txt for how to install. >> This is for ICS V6 only. >> >> I'd be happy if someone test it in a domain

Re: [twsocket] THttpSrv supporting NTLM Beta (updated)

ere is an updated version of the THttpSrv supporting NTLM available. :: http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip :: :: Read readme.txt for how to install. :: This is for ICS V6 only. :: :: I'd be happy if someone test it in a domain environment, since I'm :: runnin

Re: [twsocket] THttpSrv supporting NTLM Beta (updated)

e. : http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip : : Read readme.txt for how to install. : This is for ICS V6 only. : : I'd be happy if someone test it in a domain environment, since I'm : running peer to peer. It includes a modified Websrv demo, a compiled : EXE is a

[twsocket] THttpSrv supporting NTLM Beta (updated)

Hi, For those of you not having followed the very long thread Urgent... Here is an updated version of the THttpSrv supporting NTLM available. http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip Read readme.txt for how to install. This is for ICS V6 only. I'd be happy if someone

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Stadin, Benjamin wrote: > FF has a function table for > function calls to Windows' own secure32.dll / security.dll to provide > SSPI functionality (also a good lesson in C programming, OverbyteIcsSspi as well ;-) this how the API works! --- Arno Garrels [TeamICS] http://www.overbyte.be/eng/over

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I remember that there was the same problem in ICS-SSL with Firefox in the beginning. I think the connection isn't closed when this happens. Check with your network sniffer if that's the case and set a break point to check whether the connection is closed in your code. I don't believe that this is a

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Hello, Perhaps you can check out POSTing with IQRP 1.2b1 (http://www.fastream.net/beta/IQReverseProxy.exe) and let us know? All you need to do is, - define the web server IP/port in Servers - Go to URL Rules and assign the web server to Default (catch-all) URL rule - Enable NTLM authentication

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I don't think so. NTLM works fine for me in FF ever since. FF just fills data into an NTLM context struct and if the message is complete it is used. This has nothing to do with a state machine. And btw, I've looked at the Pascal code of this pslib, I think it's more a hack than a solution. Firefox

Re: [twsocket] HttpServer Application

> Francoise, You added an 'e' at the end of my first name, making it female (that's how french works). Don't worry. > I am using Delphi 5 and I don't beleive the latest Beta supports it. I > seem to remember seeing something that said this was the case but please > correct me if I am wrong. Yo

Re: [twsocket] HttpServer Application

> I am using Delphi 5 and I don't beleive the latest Beta supports it All versions and betas of ICS currently support Delphi 5. Such support is planned to be removed from a later version of V6. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.el

Re: [twsocket] IcsZLibObj

> I just checked and I noticed that the dir written in the $L > directive has a different case of the directory name that contains > the .obj files. Certainly no harm in correcting it, next time I can reproduce the error, I was using several ICS/Delphi combinations last week and it gets very c

Re: [twsocket] HttpServer Application

Francoise, I am using Delphi 5 and I don't beleive the latest Beta supports it. I seem to remember seeing something that said this was the case but please correct me if I am wrong. Anyway, the WebServ App is there and so is the template code.So, I create a template of HTML with special "tags

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

One last lesson: when NTLM POST is taking place, if you press too frequently on Mozilla, the progress meter stalls. When you click on another link it works fine then. This does not happen with IE. I think this is a FF bug in their state machine! Best Regards, SZ - Original Message -

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Hello Arno, Seems cool now! http://www.fastream.net/beta/IQReverseProxy.exe (1.2b1). I will need to complete the HTML authentication until next week now... Hmm. ;) Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday,

Re: [twsocket] IcsZLibObj

Scrive Angus Robertson - Magenta Systems Ltd <[EMAIL PROTECTED]>: > > I keep getting the "File not Found . adler32.obj" error when > > attempting to compile projects with ICS. > > Try copying the OBJ files into the same directory as IcsLibObj. I had > to do this to build ICS under Delphi 6

Re: [twsocket] IcsZLibObj

> I keep getting the "File not Found . adler32.obj" error when > attempting to compile projects with ICS. Try copying the OBJ files into the same directory as IcsLibObj. I had to do this to build ICS under Delphi 6 the other day, it should not be necessary... Angus -- To unsubscribe or ch

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? No it is not. Same as with digest that also works in my demo with 1.0. > What should we do if the server admin specifies NTLM but the client > does not support HTTP/1.1? Is this a rare situation? >

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Ah, ok. But how does NTLM works with HTTP/1.0 then? Is it 1.1 only? What should we do if the server admin specifies NTLM but the client does not support HTTP/1.1? Is this a rare situation? Best Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

NTLM requires Keep-Alive, but the server sends "Connection: close" in the header of 401Answer. Fastream Technologies wrote: > Here it is: http://www.fastream.com/ics/ntlm.pcap > > Regards, > > SZ > > - Original Message - > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Here it is: http://www.fastream.com/ics/ntlm.pcap Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:36 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Fastream Technologies w

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Basicallly the ntlmmessage = NULL where it must not be--ethereal > calls this > malformed header!!! Please, please, please upload the Ethereal dump in as a *.pcap file somewhere so we can open it with ethereal. -- To unsubscribe or change your settings for TWSocke

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I just noticed that Ethereal cannot dump the protocol insight. :( Or maybe there is a way?? Arno, I think you will need to use the POST demo together with NTLM to test against. Benjamin, thanks for the empty password idea! Best Regards, SubZero - Original Message - From: "Fastream T

[twsocket] IcsZLibObj

I keep getting the "File not Found . adler32.obj" error when attempting to compile projects with ICS. I have the zobj123 directory added to my search path, and if I compile again when the compiler stops on the initialization section of the IcsXLibObj file then it compiles fine. Do I need to

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Basicallly the ntlmmessage = NULL where it must not be--ethereal calls this malformed header!!! Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 3:15 PM Subject: Re: [twsocket] Fw: Urgent (A

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Ok I recreated the user "a" with a non-null pwd and it worked. BUT POST does not work in ANY browser! Never authenticates. This is the Ethereal dump: Ôò¡  ÿÿ
€E E¬D ú ú v÷êË [EMAIL PROTECTED] E ì-@ €E&À¨À¨“ PqÃA…h7õµPÿÿX] POST / HTTP/1.1 Accept: image/gif, image

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Latest report: when I used the Administrator account of Windows, it > worked! :) So I am beginning to think this is a problem with security > policies of some Windows. Also turn on eventlog, monitor the security events. > Regards, > > SZ > > - Original Messa

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I said that several times. You must at least have "admin helper" (I don't remember what specific privileges are needed) rights to query the user db, also if you want to auth in a domain your app must run as domain user with sufficent rights. This is also the case with MS user management utility for

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Even IE6 does not work with HTTP POST under NTLM! > > I have setup a server and will try on that. In the first place we should make the demo working, so we can be sure the problem is not in your proxy code. Why does it work on my boxes with the same browsers, why d

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I uploaded a new version, added error logging to the demo and fixed some minor bugs. EXE is also included. http://www.duodata.de/misc/delphi/V6-HttpSrv-Ntlm-20060914.zip Though it won't fix the problem. Fastream Technologies wrote: > Yes it is 0 here as well! > > - Or

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Even IE6 does not work with HTTP POST under NTLM! I have setup a server and will try on that. Regards, SZ - Original Message - From: "Maurizio Lotauro" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 2:33 PM Subject: Re: [twsocket] Fw: Urgent (Another

Re: [twsocket] HttpServer Application

> This maybe a little OT but it's related to the use of ICS. Not OT at all ! > I have some real-time data generated by my application that I'd like external users to be able to view in the form of a web page. My web programming knowledge is scant to say the least. I know I can use the HttpServ

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Scrive Fastream Technologies <[EMAIL PROTECTED]>: > Ethereal does not work on localhost!! I put together these logs using > socketspy. I think that if you want to know if your application works you should reproduce a real environment. Will your reverse proxy run on a "real" server or on the sa

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Yes it is 0 here as well! - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 2:13 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Arno Garrels wrote: : > Arno Garrels wrote: : >> Fastream Tec

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Arno Garrels wrote: > Arno Garrels wrote: >> Fastream Technologies wrote: >>> Latest report: when I used the Administrator account of Windows, it >>> worked! :) So I am beginning to think this is a problem with >>> security policies of some Windows. >> >> Yesterday I tested on a out-of-the-box, ne

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Ethereal does not work on localhost!! I put together these logs using socketspy. IE does not ask for credentials until you press POST then it begins not accepting even the administrator password! Opera gets the server go 100% CPU. FF only accepts administrator password. Regards, SZ - Ori

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Arno Garrels wrote: > Fastream Technologies wrote: >> Latest report: when I used the Administrator account of Windows, it >> worked! :) So I am beginning to think this is a problem with security >> policies of some Windows. > > Yesterday I tested on a out-of-the-box, new XP SP2 installation, since

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Scrive Fastream Technologies <[EMAIL PROTECTED]>: > Here is the full log: How are these logs created? I asked for ethereal logs because it decode the NTLM message, so we can see what domain and username will send by each client (you can do this yourself). Both browser asking for credential or o

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Also even with IE6XP, POST does not work under my reverse proxy whereas it works with Digest. Digest also has a 3-message mechanism. Did you test with POST?? Regards, SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September

Re: [twsocket] HttpServer Application

You can use a web programming framework like asp, php or asp.net to deliver your web content dyncamically On Thu, 14 Sep 2006 11:24:29 +0100, you wrote: > This maybe a little OT but it's related to the use of ICS. > > I have some real-time data generated by my application that I'd like > ext

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Latest report: when I used the Administrator account of Windows, it > worked! :) So I am beginning to think this is a problem with security > policies of some Windows. Yesterday I tested on a out-of-the-box, new XP SP2 installation, since this box had a hd crash :( Y

[twsocket] HttpServer Application

This maybe a little OT but it's related to the use of ICS. I have some real-time data generated by my application that I'd like external users to be able to view in the form of a web page. My web programming knowledge is scant to say the least. I know I can use the HttpServ component to creat

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Latest report: when I used the Administrator account of Windows, it worked! :) So I am beginning to think this is a problem with security policies of some Windows. Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thurs

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Now it gives SEC_E_LOGON_DENIED. :( Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 12:30 PM Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question) : Hello, : : I found the prob

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I do not know how to do this in FF. Also, see my previous message as I think I found the source of the problem. What's annoying with the problem is that in Opera, it causes 100% CPU usage ON THE SERVER-SIDE--typical DoS. Best Regards, SZ - Original Message - From: "Stadin, Benjamin"

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

FS, can you try it with FF with the site added to the trusted URIs and NTLM auto-login enabled? -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Hi Arno, > > I also wonder if this could be a lifetime/time zone problem? We are > GMT+200. What is the timeout period of this authentication and did > you consider different time zones? I do not think so. Function AcceptSecurityContext (NTLM) is documented here: ht

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Hello, I found the problem source pinpointed: if Sec < 0 then begin {$IFDEF DEBUG_EXCEPTIONS} Exception.CreateFmt('Init context failed: 0x%x', [Sec]); // Sec -2146893048 (0x80090308) {$ELSE} Result := ''; FState := lsDoneErr;

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Fastream Technologies wrote: > Also the unicode directive enabled, it does not compile! Perhaps that > could be a cure?! No, internally user names, domain names etc. are unicoded anyway. To enable the unicode versions of the SSPI functions you need to uncomment both defines in OverbyteIcsNtlmSsp.p

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Also the unicode directive enabled, it does not compile! Perhaps that could be a cure?! Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 11:40 AM Subject: Re: [twsocket] Fw: Urgent (Another

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

Hi Arno, I also wonder if this could be a lifetime/time zone problem? We are GMT+200. What is the timeout period of this authentication and did you consider different time zones? Best Regards, SZ - Original Message - From: "Fastream Technologies" <[EMAIL PROTECTED]> To: "ICS support

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked and gave no errors/exceptions! But I cannot deploy in this form... ;( SZ - Original Message - From: "Arno Garrels" <[EMAIL PROTECTED]> To: "ICS support mailing" Sent: Thursday, September 14, 2006 10:49 AM Subject: Re: [t

Re: [twsocket] Interesting connect problem

> Any suggestions on how I can prevent this behaviour from > holding up my system in the future ?? Implement a timeout which would reset the connection even before it is established. A simple TTimer would do. Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html -- [EMAIL PROTEC

Re: [twsocket] Fw: Urgent (Another simple NTLM question)

I tested with Opera successfully! Change the format string below in order to get a hex display like: raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]); Post the hex value. Fastream Technologies wrote: > Hello, > > With FF, after msg3, > > Sec := FPSFT^.AcceptSecurityContext(@FHC

Re: [twsocket] Interesting connect problem

Implement your own timeout using a timer. I think calling abort on the WSocket should cancel the connection attempt. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erich Kuba Sent: 14 September 2006 01:32 To: ICS support mailing Subject: [twsocket]