Closed ncsurfus closed 2 years ago
I've run into this as well in the following scenario (which is handled correctly by curl --ntlm ...
):
< WWW-Authenticate: Negotiate
< WWW-Authenticate: NTLM
@blaskovicz Here was a quick work-around I did. It's mostly a copy and paste of negotiator.go with just enough changes to make things work in my scenario.
https://gist.github.com/ncsurfus/fbb806a9c7657ae099dd3636897b8d55
Thanks ill give it a try
@ncsurfus that didn't work unfortunately.
I threw it in the debugger and it gets to rt.RoundTrip(...)
after ntlmssp.ProcessChallenge(...)
which is returning a 401 response.
my second issue may be related to #15. Are you using https or http?
@blaskovicz I'm using https. Some NTLM servers may require channel binding, which I believe is not supported by this library. Channel binding helps validate that the TLS session is not being MITM. With that said I'm no NTLM expert.
@ncsurfus I don't exactly know why, but https://github.com/vadimi/go-http-ntlm solves my scenario. I've spent a good chunk of time debugging this, and, as I'm no NTLM expert nor care to be, will leave it at that for now until someone else is interested in solving this problem.
In any case, thanks for the help, just wanted to throw in my 2cents in case someone else has issues.
Hello, Same here, two headers www-authenticate are in the response, infortunately the ntlm is in the second one…
Possible to include a trick like in @ncsurfus gist? Thanks 😇
Forgive my impatience, I've just submit a PR for this change : https://github.com/Azure/go-ntlmssp/pull/31 I'm looking forward for the merge :)
This should be fixed in #31
If the first Www-Authenticate header is not Basic, NTLM, or Negotiate then this will fail as the referenced code in the link below only gets the first Www-Authenticate header. This also means that if the server offers [Negotiate, NTLM] and the server's implementation of Negotiate only supports Kerberos (it will not fallback to NTLM), then this will fail since only Negotiate is attempted... even though NTLM is offered.
https://github.com/Azure/go-ntlmssp/blob/master/negotiator.go#L63