Fix NTLM Proxy authentication issues. #387

Open
wants to merge 1 commit into
from

Conversation

Projects
None yet
2 participants

I found two issues when authenticating against NTLM Proxy on Mac OSX. I am testing AsiHttpRequest with Microsoft Forefront TMG server as the proxy.

Issue 1) Http request's user credential is used for proxy credential.

For most use cases, user will have proxy credential stored in the keychain.
Look for credential in keychain first, then use the http request credential.

Issue 2) From wireshark network traces, calling startRequest twice does not
actually send the NTLM proxy auth challenge response. The third startRequest
will send the auth challenge response and get past the proxy authentication.

There must be a different root cause for not responding for the NTLM auth challenge with the original code. By making the 3rd startRequest call, I can workaround this issue, however.

Fix NTLM Proxy authentication issues.
Issue 1) Http request's user credential is used for proxy credential.
For most use cases, user will have proxy credential stored in the keychain.
Look for credential in keychain first, then use the http request credential.

Issue 2) From wireshark network traces, calling startRequest twice does not
actually send the NTLM proxy auth challenge response.  The third startRequest
will send the auth challenge response and get past the proxy authentication.

ShiQiao commented Mar 13, 2014

Thanks for your attention !

在 2014-3-13,上午12:13,haroldteramoto notifications@github.com 写道:

I found two issues when authenticating against NTLM Proxy on Mac OSX. I am testing AsiHttpRequest with Microsoft Forefront TMG server as the proxy.

Issue 1) Http request's user credential is used for proxy credential.

For most use cases, user will have proxy credential stored in the keychain.
Look for credential in keychain first, then use the http request credential.

Issue 2) From wireshark network traces, calling startRequest twice does not
actually send the NTLM proxy auth challenge response. The third startRequest
will send the auth challenge response and get past the proxy authentication.

There must be a different root cause for not responding for the NTLM auth challenge with the original code. By making the 3rd startRequest call, I can workaround this issue, however.

You can merge this Pull Request by running

git pull https://github.com/haroldteramoto/asi-http-request master
Or view, comment on, or merge it at:

#387

Commit Summary

Fix NTLM Proxy authentication issues.
File Changes

M Classes/ASIHTTPRequest.m (22)
Patch Links:

https://github.com/pokeb/asi-http-request/pull/387.patch
https://github.com/pokeb/asi-http-request/pull/387.diff

Reply to this email directly or view it on GitHub.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment