Questions tagged [ntlm]

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

NTLM has been deprecated for many uses as it doesn't support the latest standards:

Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM - MSDN and to use Kerberos instead.

Despite this, NTLM is still used inside enterprise networks, where Microsoft Active Directory provides the enterprise directory service, for Integrated Windows Authentication when Kerberos is not available.

The NTLM over HTTP handshake is fairly simple:

Request  - [unauthenticated - no user info passed]

Response - 401 Unauthorized
           WWW-Authenticate: NTLM


Request  - Authorization: NTLM <base64-encoded type-1-message>

Response - 401 Unauthorized
           WWW-Authenticate: NTLM <base64-encoded type-2-message>


Request  - Authorization: NTLM <base64-encoded type-3-message>

           Server can now check username/password against LDAP from type-3 message
Response - 200 OK [now authenticated & authorised]
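
To see which leg of the handshake a given header belongs to when reading a proxy log or packet capture, the base64 token can be decoded and classified. The following is an added example, not part of the original tag description; the function names are hypothetical, the field offsets follow the NTLMSSP message layout, and the sample messages are constructed rather than captured.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
NAMES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}
UNICODE = 0x00000001  # NTLMSSP_NEGOTIATE_UNICODE flag bit

def _payload(msg, pos, flags):
    """Follow the (len, maxlen, offset) descriptor at pos and decode the string."""
    length, _, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("field points outside the message")
    # OEM code page varies by system; latin-1 is assumed for the non-Unicode case.
    return msg[offset:offset + length].decode("utf-16-le" if flags & UNICODE else "latin-1")

def parse_ntlm_header(value):
    """Classify one Authorization / WWW-Authenticate header value."""
    scheme, _, token = value.strip().partition(" ")
    if scheme.upper() != "NTLM":
        raise ValueError("not an NTLM header")
    if not token.strip():
        return {"type": None, "name": "OFFER"}  # bare "WWW-Authenticate: NTLM"
    msg = base64.b64decode(token.strip(), validate=True)
    if len(msg) < 12 or msg[:8] != SIGNATURE:
        raise ValueError("missing NTLMSSP signature")
    (mtype,) = struct.unpack_from("<I", msg, 8)
    minimum = {1: 16, 2: 32, 3: 64}.get(mtype)
    if minimum is None or len(msg) < minimum:
        raise ValueError("unknown type or truncated message")
    info = {"type": mtype, "name": NAMES[mtype]}
    if mtype == 2:
        info["server_challenge"] = msg[24:32].hex()
    elif mtype == 3:
        (flags,) = struct.unpack_from("<I", msg, 60)
        info["domain"], info["user"] = _payload(msg, 28, flags), _payload(msg, 36, flags)
        # The message carries a challenge response, never the password itself.
        info["nt_response_len"] = struct.unpack_from("<H", msg, 20)[0]
    return info

def build_samples():
    """Constructed (not captured) type-1/2/3 header values for the demo."""
    f = lambda length, offset: struct.pack("<HHI", length, length, offset)
    dom, usr = "CORP".encode("utf-16-le"), "alice".encode("utf-16-le")
    t1 = SIGNATURE + struct.pack("<II", 1, UNICODE) + bytes(16)
    t2 = SIGNATURE + struct.pack("<I", 2) + bytes(8) + struct.pack("<I", UNICODE) + bytes(range(8))
    t3 = (SIGNATURE + struct.pack("<I", 3) + f(0, 64) + f(24, 82) + f(8, 64) + f(10, 72)
          + f(0, 64) + f(0, 64) + struct.pack("<I", UNICODE) + dom + usr + bytes(24))
    return ["NTLM " + base64.b64encode(m).decode() for m in (t1, t2, t3)]
```

Calling `parse_ntlm_header` on each value from `build_samples()` walks the three legs in order; a bare `NTLM` value is reported as the server's initial offer.
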
1230 questions
4
votes
1 answer

Should I trust PHP variable $_SERVER[AUTH_USER] when signing in via Windows Authentication? IIS intranet hosted app

I've hosted (on IIS 7.5) a basic PHP website, which simply returns me the $SERVER variable contents. I have noticed that there are AUTH* array fields: ["AUTH_USER"]=> string(18) "MYDOMAIN\my_username" ["AUTH_PASSWORD"]=> string(0)…
user1652792
4
votes
2 answers

How to configure JBoss EAP 6.3 WebApp for Kerberos authentication

I need to configure JBoss EAP 6.3 to understand Kerberos authentication. My environment consists of: a Linux server with JBoss EAP 6.3; a client station with Windows 7 64bit + Chrome; Windows Server 2008 Active Directory (acts as KDC). I have already…
Josef Bureš
4
votes
3 answers

HttpClient 4.3.6 returning "WARNING: NEGOTIATE authentication error"

I'm running HttpClient 4.3.6 in Java 6. When I run the following code, the authentication appears to succeed. The Status Code returned is 200. However, I'm getting the following error message in the console: WARNING: NEGOTIATE authentication…
Michael Sobczak
4
votes
2 answers

HTTP 403 Forbidden coming when using HttpClient authentication mechanism for Sharepoint using NTLM

HTTP/1.1 403 FORBIDDEN Response content length: 729 Result: soap:ServerException of type 'Microsoft.SharePoint.SoapServer.SoapServerException' was thrown. The security validation for this page is invalid. Click Back in your Web browser, refresh the…
Phani Gandeed
4
votes
1 answer

java.io.IOException: Server returned HTTP response code: 400 for URL

I am working on a threaded Java application that hits a URL to send SMS messages. The problem is I am behind an NTLM proxy server, and I have searched most of the day and tried many solutions but with no success. The application gives the titled error and…
Dunken
4
votes
1 answer

NTLM Authentication Failed, the server finally responds "401", but not "200 OK"

I'm using Node.js to connect to a server with NTLM Authentication. The NTLM protocol steps are as below (refer: http://www.innovation.ch/personal/ronald/ntlm.html). 1: C --> S GET ... 2: C <-- S 401 Unauthorized WWW-Authenticate:…
kevin_song
4
votes
1 answer

soap webservice client using apache cxf, for ntlm authentication

I want to develop a SOAP client using CXF to connect to SharePoint. The authentication scheme is NTLM. I am blocked on a scenario where the logged-in user of a machine (on which the SOAP client is being run) has access to SharePoint. The CXF soap…
Vinay
4
votes
1 answer

node.js HTTP request with automatic ntlm / kerberos authentication

Looking through npm all ntlm / kerberos modules seem to want a hard coded username and password when performing HTTP requests against a windows authenticated endpoint. Is it possible to use the credentials of the currently logged in user? e.g. In…
Fergal
4
votes
2 answers

Can't authenticate with different NTLM credentials in one session with java.net.URLConnection

When I access a HTTP server using the standard Java API (java.net.URLConnection), the credentials are "cached" after the first successful authentication, and subsequent calls to Authenticator.setDefault() have no effect. So, I need to restart the…
ndeuma
4
votes
1 answer

iOS: does NSURLAuthenticationChallenge send encrypted credentials over the network?

My iOS app is connecting to the SharePoint web service, and SharePoint uses NTLM authentication. On my side I have implemented the below code for NTLM authentication: - (void)connection:(NSURLConnection *)connection…
Nikh1414
4
votes
1 answer

How to pass windows authentication from ".aspx" page to ".ashx" handler

I have a page "Download.aspx" which requires Windows Authentication. When the user logs in they are presented with a list of links to files that they can download. The links actually point to a "ZipHandler.ashx" handler which processes the…
skeletank
4
votes
2 answers

Firefox NTLM Credentials to localhost

I'm trying to set up a WebAPI web service and website that will operate on our company intranet. I'm using IIS to host the web service (A) as well as my website (B). A page on my website makes a request to the web service thusly: var URL =…
nickvans
4
votes
2 answers

How to check NTLM type3 message? (node.js)

I want to write an HTTP server with node.js that supports NTLMv2 authentication. Everything works fine with the handshake (type1, type2, type3 messages) and I get my type3-message from the client (Chrome Browser). In this message that is being sent…
Laryllan
4
votes
1 answer

How to do NTLM Authentication using Indy 10 in Delphi 7?

I want to do NTLM Authentication with Indy 10 Components in Delphi 7. Here is my source code: uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs ,StdCtrls, IdBaseComponent, IdComponent, IdTCPConnection, …
CyprUS
4
votes
2 answers

PHP NTLM session with cURL

So a little trivia first. There is a website written in ASP.NET, which uses the NTLM protocol to authenticate users that want to log in. It's perfectly OK when they normally use it: they type in the website URL, they provide their credentials, authenticate…
Przemysław Kalita