New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication... #10
Comments
Greetings @pkreipke ! I have not had a chance to test NTLM auth, but all of the libraries I am using for file upload and download profess to support NTLM as well as digest. Have you tried authenticating against an NTLM-secured SharePoint instance unsuccessfully? (You will need to provide <domain\username> rather than user@domain.yyy when prompted for credentials.) As for Forms Auth, I did not have plans to support, but if you have a public facing instance and don't mind provisioning a test user account for me, I'm happy to look into the total effort to implement. Appreciate the feedback. Thanks! |
Hi Chris, Yes, I had been testing against NTLM and it wasn't working. In fact my issue was a mixed mode environment that was trying Forms first. By making one simple change to the requests, it works: That is, if I try to access SP's /_api/... REST endpoints in mixed mode, I had to add the following header to the GET and POST calls to work, including /_api/contextinfo: ` I double checked this by stepping through sp-request's requestDigest() functions and adding the 'headers' attribute to coreOptions just before the POST call (careful not to overwrite the method attribute). Unfortunately, requestDigest() doesn't accept an option argument and that's what you're calling in verify() so it will need a fix too. I suspect but am not sure that IF sp-request and it's helpers are assuming NTLM (since you mentioned forms aren't implemented) that you could add to default request options. Best, |
Hmm. I wanted to test vscode ResetCredentials menu so I added the headers to your verify() function on my local machine in .vscode/extensions/..., restarted vscode and it didn't work. Is there a way to debug the extensions themselves? When I type in "Domain\username" does your code parse that out and use the separate options on the sp-request.create() function param? Per |
Sorry - I mean I added the option inside sp-request.requestDigest() call to spr.post(). in node_modules. Perhaps that's not being picked up. |
the node_modules folder holds code dependencies that are resolved to strictly versioned libraries, hosted on NPM's servers, at build/deploy time which means that any changes in that folder will only work locally. Thanks for the PR, I'll merge those changes into the 0.10.2 branch and check in today. If you don't mind, can you build from that branch locally and test the changes? If they work for you i'll make sure they are included in the 0.10.2 release. Appreciate the support and thanks for using SPGo! |
@pkreipke branch 0.10.2 with beta NTLM support has been created and committed. Please let me know if this works in your environment. |
@sg-chrishasz Appreciate the fix. I'm sorry, haven't had time to test yet. Will let you know as soon as I do. |
Hello Guys, i was unable to authenticate in either one so, i extended my website to intranet zone using only NTLM (with wwwauth enabled) and it work and it worked like a charm. that said , maybe would help other newbies if the readme from i will let u know if i find anything else. |
@lafayetteduarte - Glad to hear that you were able to get SPGo working. Adding specific authentication details to the readme.md file is a good idea and I'll add it to the 0.10.2 release. Just a quick clarification question - Were you able to get NTLM + wwwauth working on build 0.10.1, or did you use the current (unreleased) 0.10.2 branch? |
@sg-chrishasz yep. i was able to connect using on 0.10.1. my env is laid out as:
SP GO on v 0.10.1 can connect using my AD credentials only on my intranet zone ( wich is using NTLM only on auth setings). will try to disable the basic auth and test again to see if SPGO 0.10.1 can authenticate using pure NTLM. |
Thanks for the detailed info! I am building better support for NTLM auth into 0.10.2, so this is timely feedback. |
Updates on testing 0.10.2 with NTLM: Your new RequestHelper code successfully splits domain from username and sets it up for the auth call. However, it still didn't work for me without the "X-FORMS_BASED_AUTH_ACCEPTED” header mentioned above. I stepped through the code starting from RequestHelper where the request is created and manually added the header inside sp-request’s SPRequest.js as soon as I could and that made it work! I think if sp-request's requestDigest() allowed a second arg with options it would simply work for my NTLM setup. I tested over HTTPS and HTTP and both worked.
Once working, what a great tool! I was able to sync a folder down and save changes to files back up! Very cool - will experiment. |
Ok, that was me with a dev hat on - obviously just adding a function parameter doesn't help the end user. I'm not sure when that header option should be added: every call or triggered only off a setting in SPGo.json file. |
Key info:
I'm happy to help test more. Per |
Hello Everyone! Sorry for the delayed response - I am not ignoring you all on purpose! @pkreipke is correct, this issue is only faced when using mixed-mode authentication (when forms is involved). I'm working on solving this issue via two paths:
Thanks for bearing with me on this. If I'm unable to get an update for mixed mode authentication via the channels above, I'll probably end up rewriting the functionality locally, which will need an entire release on its own. I'll keep you all updated on this front. Thanks, again, for using SPGo! |
Checking back in.... Since sppull changes were made, if I update to 0.10.2 branch will I get those updates as well and can test for you? |
Hello @pkreipke I just pushed a commit to the 0.10.2 which should correctly implement NTLM support for mixed-mode environments. Please do test and let me know if you run into any issues. [Edit] - You will need to re-run the Thanks, again, for the patience. |
@pkreipke @lafayetteduarte I just released 0.10.2 to the VS Marketplace. This should resolve all of the issues raised for Authentication (as well as adding support for ADFS and FBA). Please reopen these issues if you find any bugs. Thanks! |
Hi,
I'm looking forward to using SPGo!
From the authentication code it looks like Digest authentication is the only supported authentication.
Is there an easy way to enhance SPGo (or via VSCode) to use NTLM? How about a Forms based SP 2013 authenticator?
Per
The text was updated successfully, but these errors were encountered: