Closed SadarSSI closed 3 months ago
Hello,
I need to take a look of how to support NTLM, but in the meantime you can use your own local proxy to pass requet to the NTLM proxy. https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-an-ntlm-proxy https://hub.docker.com/r/robertdebock/docker-cntlm/ https://cntlm.sourceforge.net/
ok, I suggest you put this on standby for the moment because the ntlm implementation seems almost obsolete due to security issues.
It should be possible to workaround by using a squid proxy locally with cygwin. Proxy that would forward to the corporate proxy using ntlm (...) The configuration seems quite simple:
#/etc/squid/squid.conf
cache_peer other-proxy.example.com parent 3128 0 no-query default login=user:password
never_direct allow all`
If it works, there will be no need to do this implementation
I come back to you as soon as possible
Hello,
I have bypassed the issue of the proxy requiring NTLM authentication with a Python package called px_proxy.
This package allows you to run a local proxy that forwards to the corporate proxy using NTLM authentication. The stacking of layers is not ideal, but in my case for doing SSH tunneling to SSH or RDP, it works correctly.
I leave it to you to see the opportunity for implementing NTLM authentication in wstunnel.
Thanks
Thank for letting me know. I am, closing the issue, as NTLM seems cumbersome to support, so if i can avoid it :)
Hello,
It's me again with my proxy stories ;-//.
The company I'm working with has changed its proxy authentication rules.
Authentication with the parameters "--http-proxy=proxy.entdom.loc:3128 --http-proxy-login=entdom.loc\MyName --http-proxy-password=MyPasswd" is no longer working.
Since I haven't been able to get any output from the exchanges between wstunnel and the proxy, I've been testing with curl. Here's what happens with the curl command that worked last week:
curl -viL https://www.monip.org/ --proxy entdom.loc\MyName:MyPasswd@proxy.entdom.loc:3128 or curl -viL https://www.monip.org/ --proxy-user entdom.loc\MyName:MyPasswd --proxy proxy.entdom.loc:3129
error HTTP/1.1 407 Proxy Authentication Required
detailed log :
Now, I'm required to specify the type of authentication implicitly with "--proxy-ntlm":
This is a known behavior with NTLM authentication: it needs to be specified explicitly, otherwise it won't work.
I therefore tried to set an HTTP header with --http-headers "Proxy-Authenticate: NTLM" but it didn't work either.
I wasn't able to get a debug mode working in cmd.exe with "set RUST_LOG=debug" and "wstunnel client --log-lvl DEBUG xxxx" but I didn't get any output to stdout/output screen, but I must be doing something wrong
Thanks for your help