Steven Garno
2015-09-02 22:42:35 UTC
Support,
We seem to be experiencing some difficulties in getting libcurl to work with NTLM and Kerberos authentication on a windows platform. Any help would be greatly appreciated.
Here is the problem:
We have a site configured to use NTLM Negotiate authentication mechanism (also tried Kerberos instead of NTLM). When I call the URL in the browser while monitoring the traffic in Fiddler, the negotiate authentication works as expected: first two requests return 401 and the third one returns 200.
[cid:***@01D0E59E.4E613010]
However, when I try to make the same call using cURL, the negotiation never happens, only one request is made and 401 status is returned:
[cid:***@01D0E59E.4E613010]
I tried a setting this optionin cURL before making the call:
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE)
Also, tried setting it this way:
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE | CURLAUTH_NTLM)
And this way:
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY)
The result is always the same - one request returning 401. The second (and sometimes third) negotiations never seem to happen. What are we doing/not doing correctly?
We seem to be experiencing some difficulties in getting libcurl to work with NTLM and Kerberos authentication on a windows platform. Any help would be greatly appreciated.
Here is the problem:
We have a site configured to use NTLM Negotiate authentication mechanism (also tried Kerberos instead of NTLM). When I call the URL in the browser while monitoring the traffic in Fiddler, the negotiate authentication works as expected: first two requests return 401 and the third one returns 200.
[cid:***@01D0E59E.4E613010]
However, when I try to make the same call using cURL, the negotiation never happens, only one request is made and 401 status is returned:
[cid:***@01D0E59E.4E613010]
I tried a setting this optionin cURL before making the call:
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE)
Also, tried setting it this way:
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_GSSNEGOTIATE | CURLAUTH_NTLM)
And this way:
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY)
The result is always the same - one request returning 401. The second (and sometimes third) negotiations never seem to happen. What are we doing/not doing correctly?