Project

General

Profile

Feature #1545

Add ability to manually declare the authentication type

Added by Luke Murphey over 7 years ago. Updated almost 7 years ago.

Status:
New
Priority:
Low
Assignee:
Target version:
-
Start date:
10/26/2016
Due date:
% Done:

0%


Description

https://answers.splunk.com/answers/469223/is-it-possible-to-switch-to-windows-authentication.html

Need to offer the ability to specify authentication types of basic, advanced, NTLM, auto-detect.

History

#3 Updated by Luke Murphey over 7 years ago

It turns out that authentication auto detection wasn't working correctly. The headers are returned in lowercase (see https://github.com/kennethreitz/requests/issues/1561) but the app assumed they would be in the original case.

#4 Updated by Luke Murphey over 7 years ago

It turns out that the auth header can be a tuple: https://github.com/chimurai/http-proxy-middleware/issues/39

#6 Updated by Luke Murphey over 7 years ago

I faked an NTLM session;

  1. Server responds with 401 and Www-Authenticate: NTLM
  2. Client provides challenge Authorization: NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
  3. Server responds with 401 and Www-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABAAAAAAAAAAAAAAA=
  4. Client provides Authorization: NTLM TlRMTVNTUAADAAAAGAAYAGwAAAAYABgAhAAAAAgACABAAAAACAAIAEgAAAAcABwAUAAAAAAAAAAAAAAAAQAAAHQAZQBzAHQAdABlAHMAdABsAG0AdQByAHAAaABlAHkALQBtAGIAcAAxADUAgiKGu7ODU4Zx7W3Y2A23BfV9JN+XMe+FgiKGu7ODU4Zx7W3Y2A23BfV9JN+XMe+F
  5. Server responds with a 200

#7 Updated by Luke Murphey over 7 years ago

  • Target version deleted (2.0)

#8 Updated by Luke Murphey almost 7 years ago

  • Priority changed from Normal to Low

Also available in: Atom PDF