NTLM and SSL

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

NTLM and SSL

Thomas Stalzer
Hi Everyone

I hope you have great days in Charlotte ;-)

I am trying to get access to the MS Exchange webservices and my first hurdle is NTLM authentification. After spending some time in trying to figure out the datastructures for the NTLM messages, I tried a different approach using the winhttp implementation from vastgoodies.

However, if I make a https call to the Exchange server (IIS server), I get a 12175 error from the OS. I can call other https sites so I believe https/ssl is working. 

Does anyone have an idea on what it might be that I cannot access the IIS https server using winhttp? Thanks

--Thomas

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: NTLM and SSL

Seth Berman
Greetings Thomas,

I can not answer your specific question regarding IIS error codes, but I'll point out that
part of what we are working on for 9.2 is a new Auth framework for Sst.
NTLM is being evaluated for inclusion in this framework for 9.2 since we have had some other customer queries for this.

Kind Regards,

Kind Regards,
- Seth

On Tuesday, March 19, 2019 at 4:11:10 AM UTC-4, Thomas Stalzer wrote:
Hi Everyone

I hope you have great days in Charlotte ;-)

I am trying to get access to the MS Exchange webservices and my first hurdle is NTLM authentification. After spending some time in trying to figure out the datastructures for the NTLM messages, I tried a different approach using the winhttp implementation from vastgoodies.

However, if I make a https call to the Exchange server (IIS server), I get a 12175 error from the OS. I can call other https sites so I believe https/ssl is working. 

Does anyone have an idea on what it might be that I cannot access the IIS https server using winhttp? Thanks

--Thomas

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: NTLM and SSL

Thomas Stalzer


On Tuesday, March 19, 2019 at 4:07:18 PM UTC+1, Seth Berman wrote:
NTLM is being evaluated for inclusion in this framework for 9.2 since we have had some other customer queries for this.

Kind Regards,

Kind Regards,
- Seth


Hello Seth

That is great news !!!! (Hope you do not have to fight too much with the "Message Type 3"....)

If you need help on this - I got quite far with the messages..

--Thomas 

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: NTLM and SSL

Thomas Stalzer
In reply to this post by Thomas Stalzer
Hi Everyone

I just wanted to share a short script in order to use the winhttp library from VASTGoodies and NTLM authentification. We use it access an MS Exchange Server. The biggest "hurdle" was to figure out that the domainname and username had to be in lowercase (whatever they are in the Windows AD)

 | session result url aWSStream status resultData |
 url
:= 'https://<server>/ews/Services.wsdl' winHttpAsUrl.
 
[
 session
:= WinHttpSession new.
 connection
:= session connectToUrl: url.
 request
:= connection openRequest: 'GET' to: '/',url absolutePath.
 request setSecurityOptionIgnoreBadCertificate
.
 request send
.
 result
:= request getResponse.
 
(result status code==200) ifFalse: [
 
"No authentification necessary, just return the data"
 
^ resultData := result contents.
 
].
 
(result status code==401) ifFalse: [
 
"Whatever this is, it is not NTLM authentification"
 
"Put your errorhandler here"
 
^ self.
 
].
 
"Domain and User have to be lowercase !!!!"
 request setCredentials
: '<domain>\<user>' and: '<password>'.


 request send
: nil withExtraHeaders: nil totalLength: 0.
 request responseReceived
: false.
 result
:= request getResponse.
 
(result status code==200) ifFalse: [
 
"Whatever this is...."
 
^ self.
 
].
 resultData
:= result contents.
 
] ensure [
 request ifNotNil
: [ :obj | obj release].
 connection ifNotNil
: [ :obj | obj release].
 session ifNotNil
: [ :obj | obj release].
 
].
 resultData inspect
.




--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: NTLM and SSL

rjulianford
In reply to this post by Seth Berman
Hi, Seth.

I just recently took on a new client whose EMail provider uses NTLM authentication.
So, I am very pleased to hear that this may be included in 9.2.

I thought I'd let you know, for purposes of judging the level of interest in this.

Julian


On Tuesday, March 19, 2019 at 11:07:18 AM UTC-4, Seth Berman wrote:
Greetings Thomas,

I can not answer your specific question regarding IIS error codes, but I'll point out that
part of what we are working on for 9.2 is a new Auth framework for Sst.
NTLM is being evaluated for inclusion in this framework for 9.2 since we have had some other customer queries for this.

Kind Regards,

Kind Regards,
- Seth

On Tuesday, March 19, 2019 at 4:11:10 AM UTC-4, Thomas Stalzer wrote:
Hi Everyone

I hope you have great days in Charlotte ;-)

I am trying to get access to the MS Exchange webservices and my first hurdle is NTLM authentification. After spending some time in trying to figure out the datastructures for the NTLM messages, I tried a different approach using the winhttp implementation from vastgoodies.

However, if I make a https call to the Exchange server (IIS server), I get a 12175 error from the OS. I can call other https sites so I believe https/ssl is working. 

Does anyone have an idea on what it might be that I cannot access the IIS https server using winhttp? Thanks

--Thomas

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: NTLM and SSL

Seth Berman
Noted:)

Thanks for the feedback!

- Seth

On Tuesday, April 9, 2019 at 9:30:12 AM UTC-4, [hidden email] wrote:
Hi, Seth.

I just recently took on a new client whose EMail provider uses NTLM authentication.
So, I am very pleased to hear that this may be included in 9.2.

I thought I'd let you know, for purposes of judging the level of interest in this.

Julian


On Tuesday, March 19, 2019 at 11:07:18 AM UTC-4, Seth Berman wrote:
Greetings Thomas,

I can not answer your specific question regarding IIS error codes, but I'll point out that
part of what we are working on for 9.2 is a new Auth framework for Sst.
NTLM is being evaluated for inclusion in this framework for 9.2 since we have had some other customer queries for this.

Kind Regards,

Kind Regards,
- Seth

On Tuesday, March 19, 2019 at 4:11:10 AM UTC-4, Thomas Stalzer wrote:
Hi Everyone

I hope you have great days in Charlotte ;-)

I am trying to get access to the MS Exchange webservices and my first hurdle is NTLM authentification. After spending some time in trying to figure out the datastructures for the NTLM messages, I tried a different approach using the winhttp implementation from vastgoodies.

However, if I make a https call to the Exchange server (IIS server), I get a 12175 error from the OS. I can call other https sites so I believe https/ssl is working. 

Does anyone have an idea on what it might be that I cannot access the IIS https server using winhttp? Thanks

--Thomas

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.