Latest report: when I used the Administrator account of Windows, it worked!
:) So I am beginning to think this is a problem with security policies of
some Windows.
Regards,
SZ
----- Original Message -----
From: "Fastream Technologies" <[EMAIL PROTECTED]>
To: "ICS support mailing" <twsocket@elists.org>
Sent: Thursday, September 14, 2006 1:15 PM
Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
: Now it gives SEC_E_LOGON_DENIED. :(
:
: Regards,
:
: SZ
:
: ----- Original Message -----
: From: "Fastream Technologies" <[EMAIL PROTECTED]>
: To: "ICS support mailing" <twsocket@elists.org>
: Sent: Thursday, September 14, 2006 12:30 PM
: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
:
:
:: Hello,
::
:: I found the problem source pinpointed:
::
::
:: if Sec < 0 then
:: begin
:: {$IFDEF DEBUG_EXCEPTIONS}
:: Exception.CreateFmt('Init context failed: 0x%x', [Sec]); //
:: Sec -2146893048 (0x80090308)
::
:: {$ELSE}
:: Result := '';
:: FState := lsDoneErr;
:: Exit;
:: {$ENDIF}
:: end;
::
:: When DEBUG_EXCEPTIONS is defined, it does not set Result := ''; so works!
::
:: Best Regards,
::
:: SZ
::
:: ----- Original Message -----
:: From: "Arno Garrels" <[EMAIL PROTECTED]>
:: To: "ICS support mailing" <twsocket@elists.org>
:: Sent: Thursday, September 14, 2006 12:08 PM
:: Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::
::
::: Fastream Technologies wrote:
::: > Also the unicode directive enabled, it does not compile! Perhaps that
::: > could be a cure?!
:::
::: No, internally user names, domain names etc. are unicoded anyway.
::: To enable the unicode versions of the SSPI functions you need to
: uncomment
::: both defines in OverbyteIcsNtlmSsp.pas as well as in
OverbyteIcsSspi.pas.
:::
::: >
::: > Regards,
::: >
::: > SZ
::: >
::: > ----- Original Message -----
::: > From: "Fastream Technologies" <[EMAIL PROTECTED]>
::: > To: "ICS support mailing" <twsocket@elists.org>
::: > Sent: Thursday, September 14, 2006 11:40 AM
::: > Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: >
::: >
::: >> Hi Arno,
::: >>
::: >> I also wonder if this could be a lifetime/time zone problem? We are
::: >> GMT+200. What is the timeout period of this authentication and did
::: >> you consider different time zones?
::: >>
::: >> Best Regards,
::: >>
::: >> SZ
::: >>
::: >> ----- Original Message -----
::: >> From: "Fastream Technologies" <[EMAIL PROTECTED]>
::: >> To: "ICS support mailing" <twsocket@elists.org>
::: >> Sent: Thursday, September 14, 2006 11:31 AM
::: >> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: >>
::: >>
::: >>> It is very strange that when I enabled DEBUG_EXCEPTIONS, it worked
::: >>> and gave no errors/exceptions! But I cannot deploy in this form...
::: >>> ;(
::: >>>
::: >>> SZ
::: >>>
::: >>> ----- Original Message -----
::: >>> From: "Arno Garrels" <[EMAIL PROTECTED]>
::: >>> To: "ICS support mailing" <twsocket@elists.org>
::: >>> Sent: Thursday, September 14, 2006 10:49 AM
::: >>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: >>>
::: >>>
::: >>>> I tested with Opera successfully!
::: >>>>
::: >>>> Change the format string below in order to get a hex display like:
::: >>>> raise Exception.CreateFmt('Init context failed: 0x%x', [Sec]);
::: >>>>
::: >>>> Post the hex value.
::: >>>>
::: >>>>
::: >>>>
::: >>>> Fastream Technologies wrote:
::: >>>>> Hello,
::: >>>>>
::: >>>>> With FF, after msg3,
::: >>>>>
::: >>>>> Sec := FPSFT^.AcceptSecurityContext(@FHCred,
::: >>>>> pHCtx,
::: >>>>> @InBuffDesc,
::: >>>>>
::: >>>>> ASC_REQ_SEQUENCE_DETECT, // context requirements
::: >>>>> SECURITY_NATIVE_DREP,
::: >>>>> @FHCtx,
::: >>>>> @OutBuffDesc,
::: >>>>> ContextAttr,
::: >>>>> Lifetime);
::: >>>>> if Sec < 0 then
::: >>>>> begin // enters here with Sec = -2^31
::: >>>>> {$IFDEF DEBUG_EXCEPTIONS}
::: >>>>> raise Exception.CreateFmt('Init context failed: %d',
::: >>>>> [Sec]); {$ELSE}
::: >>>>> Result := '';
::: >>>>> FState := lsDoneErr;
::: >>>>> Exit;
::: >>>>> {$ENDIF}
::: >>>>> end;
::: >>>>>
::: >>>>> Arno, do you have any idea?
::: >>>>>
::: >>>>> Best Regards,
::: >>>>>
::: >>>>> SZ
::: >>>>>
::: >>>>> ----- Original Message -----
::: >>>>> From: "Fastream Technologies" <[EMAIL PROTECTED]>
::: >>>>> To: "ICS support mailing" <twsocket@elists.org>
::: >>>>> Sent: Thursday, September 14, 2006 8:20 AM
::: >>>>> Subject: Re: [twsocket] Fw: Urgent (Another simple NTLM question)
::: >>>>>
::: >>>>>
::: >>>>>> Here is the full log:
::: >>>>>>
::: >>>>>> FireFox 1.5.0.6:
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:09 Connection Opened
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:09 From Local
::: >>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
::: >>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
::: >>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept:
::: >>>>>>
::: >>>
::: >>
::: >
::
:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::: >>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::: >>>>>> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::: >>>>>> keep-alive....
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:09 From Remote
::: >>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate:
::: >>>>>> NTLM..Content- Length: 629..Content-Type: text/html..Connection:
::: >>>>>> keep- alive..Server: Fastream IQ Reverse
::: >>>>>> Proxy....<HTML><HEAD><TITLE>401 Authorization ...
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:17 From Local
::: >>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
::: >>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
::: >>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept:
::: >>>>>>
::: >>>
::: >>
::: >
::
:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::: >>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::: >>>>>> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::: >>>>>> keep-alive..Authorization: NTLM
::: >>>>>> TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=....
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:17 From Remote
::: >>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
::: >>>>>>
::: >>>
::: >>
::: >
::
:
TlRMTVNTUAACAAAADAAMADgAAAAFgooC/difEScUAFYAAAAAAAAAAEwATABEAAAABQEoCgAAAA9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEAAAAAAAAA..Content-Length:
::: >>>>>> 629..Content-Type: text/html..Connection: keep-alive..Server:
::: >>>>>> Fastream IQ Reverse Proxy....<HTML><HEAD><TITLE>401 Authorization
::: >>>>>> ...
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:17 From Local
::: >>>>>> GET / HTTP/1.1..Host: fastream.homeip.net:82..User-Agent:
::: >>>>>> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6)
::: >>>>>> Gecko/20060728 Firefox/1.5.0.6..Accept:
::: >>>>>>
::: >>>
::: >>
::: >
::
:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5..Accept-Language:
::: >>>>>> en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
::: >>>>>> windows-1254,utf-8;q=0.7,*;q=0.7..Keep-Alive: 300..Connection:
::: >>>>>> keep-alive..Authorization: NTLM
::: >>>>>>
::: >>>
::: >>
::: >
::
:
TlRMTVNTUAADAAAAGAAYAGIAAAAYABgAegAAAAAAAABAAAAAFgAWAEAAAAAMAAwAVgAAAAAAAAAAAAAABYIIAEcAbwByAGsAZQBtACAAQQB0AGUAcwBsAGEAcAB0AG8AcABc2JyvFDVzpwAAAAAAAAAAAAAAAAAAAABShNO+26e7kFH0QwISJYTrsG5Xb3lYZkM=....
::: >>>>>>
::: >>>>>> 13.09.2006 21:50:17 From Remote
::: >>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
::: >>>>>> ..Content-Length: 629..Content-Type: text/html..Connection:
::: >>>>>> keep-alive..Server: Fastream IQ Reverse
::: >>>>>> Proxy....<HTML><HEAD><TITLE>401 ...
::: >>>>>>
::: >>>>>> Still asking for password here....Forever...
::: >>>>>>
::: >>>>>> IE6XP:
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 Connection Opened
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 From Local
::: >>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg,
::: >>>>>> image/pjpeg, application/x-shockwave-flash, application/vnd.ms-
::: >>>>>> excel, application/msword, application/vnd.ms-powerpoint,
::: >>>>>> */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-
::: >>>>>> Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
::: >>>>>> .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection:
::: >>>>>> Keep- Alive..Cookie:
::: >>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D....
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 From Remote
::: >>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate:
::: >>>>>> NTLM..Content- Length: 629..Content-Type: text/html..Connection:
::: >>>>>> Keep- Alive..Server: Fastream IQ Reverse
::: >>>>>> Proxy....<HTML><HEAD><TITLE>401 Authorization ...
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 From Local
::: >>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg,
::: >>>>>> image/pjpeg, application/x-shockwave-flash, application/vnd.ms-
::: >>>>>> excel, application/msword, application/vnd.ms-powerpoint,
::: >>>>>> */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-
::: >>>>>> Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
::: >>>>>> .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection:
::: >>>>>> Keep- Alive..Authorization: NTLM
::: >>>>>>
::: >>>
::: >>
::: >
::
:
TlRMTVNTUAABAAAAB7IIogkACQAuAAAABgAGACgAAAAFASgKAAAAD0xBUFRPUFdPUktHUk9VUA==..Cookie:
::: >>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D....
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 From Remote
::: >>>>>> HTTP/1.1 401 Authorization Required..WWW-Authenticate: NTLM
::: >>>>>>
::: >>>
::: >>
::: >
::
:
TlRMTVNTUAACAAAADAAMADgAAAAFwoqi1rIk+abQsBfodhAAAAAAAEwATABEAAAABQEoCgAAAA9MAEEAUABUAE8AUAACAAwATABBAFAAVABPAFAAAQAMAEwAQQBQAFQATwBQAAQADABsAGEAcAB0AG8AcAADAAwAbABhAHAAdABvAHAABgAEAAEAAAAAAAAA..Content-Length:
::: >>>>>> 629..Content-Type: text/html..Connection: Keep-Alive..Server:
::: >>>>>> Fastream IQ Reverse Proxy....<HTML><HEAD><TITLE>401 Authorization
::: >>>>>> ...
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 From Local
::: >>>>>> GET / HTTP/1.1..Accept: image/gif, image/x-xbitmap, image/jpeg,
::: >>>>>> image/pjpeg, application/x-shockwave-flash, application/vnd.ms-
::: >>>>>> excel, application/msword, application/vnd.ms-powerpoint,
::: >>>>>> */*..Accept-Language: tr..Accept-Encoding: gzip, deflate..User-
::: >>>>>> Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
::: >>>>>> .NET CLR 1.1.4322)..Host: fastream.homeip.net:82..Connection:
::: >>>>>> Keep- Alive..Authorization: NTLM
::: >>>>>>
::: >>>
::: >>
::: >
::
:
TlRMTVNTUAADAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAAAAAAAEgAAAAAAAAASAAAAAAAAABIAAAABcKIogUBKAoAAAAP..Cookie:
::: >>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D....
::: >>>>>>
::: >>>>>> 13.09.2006 21:48:06 From Remote
::: >>>>>> HTTP/1.1 200 OK..Content-Type: text/html..Connection: Keep-
::: >>>>>> Alive..Server: Fastream IQ Web/FTP Server..Content-Length:
::: >>>>>> 14718..Content-Encoding: gzip..Set-Cookie:
::: >>>>>> IQDomain="NAME=949BB1BDF325862423C53938CEA5EB6D; PATH=/;
::: >>>>>> EXPIRES=Thu, 01 Jan 2009 21:48:06;"..Via: Fastream IQ Reverse
::: >>>>>> Proxy.....<data here>
::: >>>>>>
::: >>>>>>
::: >>>>>> I cut the data sections to obey the ICS list 40kB limit here.
::: >>>>>>
::: >>>>>> Best Regards,
::: >>>>>>
::: >>>>>> SZ
::: >>>>>>
::: >>>>>> --
::: >>>>>> To unsubscribe or change your settings for TWSocket mailing list
::: >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket
::: >>>>>> Visit our website at http://www.overbyte.be
::: >>>> --
::: >>>> To unsubscribe or change your settings for TWSocket mailing list
::: >>>> please goto http://www.elists.org/mailman/listinfo/twsocket
::: >>>> Visit our website at http://www.overbyte.be
::: >>>
::: >>> --
::: >>> To unsubscribe or change your settings for TWSocket mailing list
::: >>> please goto http://www.elists.org/mailman/listinfo/twsocket
::: >>> Visit our website at http://www.overbyte.be
::: >>
::: >> --
::: >> To unsubscribe or change your settings for TWSocket mailing list
::: >> please goto http://www.elists.org/mailman/listinfo/twsocket
::: >> Visit our website at http://www.overbyte.be
::: --
::: To unsubscribe or change your settings for TWSocket mailing list
::: please goto http://www.elists.org/mailman/listinfo/twsocket
::: Visit our website at http://www.overbyte.be
::
:: --
:: To unsubscribe or change your settings for TWSocket mailing list
:: please goto http://www.elists.org/mailman/listinfo/twsocket
:: Visit our website at http://www.overbyte.be
:
: --
: To unsubscribe or change your settings for TWSocket mailing list
: please goto http://www.elists.org/mailman/listinfo/twsocket
: Visit our website at http://www.overbyte.be
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
