httplib/DAV: How to respond to "WWW-Authenticate: NTLM" ?

Steve Holden steve at holdenweb.com
Thu Oct 12 15:50:30 CEST 2006


robert wrote:
> In a DAV scheme with PROPFIND or GET (PROPFIND /test/ HTTP/1.1)  and 
> Basic AUTH to a MS SharePoint over https server (AUTH required), he 
> responds 'WWW-Authenticate: NTLM' only:
> 
> reply: 'HTTP/1.1 401 Unauthorized\r\n'
> header: Content-Length: 1656
> header: Content-Type: text/html
> header: Server: Microsoft-IIS/6.0
> header: WWW-Authenticate: NTLM
> header: X-Powered-By: ASP.NET
> header: MicrosoftSharePointTeamServices: 6.0.2.6568
> header: Date: Thu, 12 Oct 2006 12:27:42 GMT
> 
> 
> I simply try repeatedly the same request with Basic Auth header again => 
> The same response requesting 'header: WWW-Authenticate: NTLM' again.
> 
> But then after an unsuccessful test on a really new connection (.close() 
> , .request()) he accepts the Basic AUTH immediately.
> 
> * What is this?
> * Is this a legal/known way to respond to a NTLM AUTH request by 
> ..close() and reconnect with Basic Auth?
> * Is there a Python function out there to do real NTLM authentication?.. 
> and is this recommended to dig into Microsofty HTTP protocols ?
> 
> 
> -robert

The protocol is described in

   http://www.innovation.ch/personal/ronald/ntlm.html

though you may need to consult other documents to get the full details. 
It seems there may be a Python implementation at

   http://ntlmaps.sourceforge.net/

At a pinch you could just use the proxy.

regards
  Steve
-- 
Steve Holden       +44 150 684 7255  +1 800 494 3119
Holden Web LLC/Ltd          http://www.holdenweb.com
Skype: holdenweb       http://holdenweb.blogspot.com
Recent Ramblings     http://del.icio.us/steve.holden




More information about the Python-list mailing list