Board index » cppbuilder » TIdHTTP and Windows Authentication

2008-02-07 11:48:15 PM
cppbuilder42
Hi all,
I am using Indy 9.0.
I have a job which needs to get HTTP via Internet and some website has
Windows Authentication. How can I solved the problem.
Thanks.
 

"Aladin J." < XXXX@XXXXX.COM >wrote in message
Gambit
 

I am using Incdy 9.0.18.
I try 2 things as followings but they don't work.
1. By using
http->Request->Username = "username";
http->Request->Password = "password";
2. By Using
http->OnAuthorization = MyHandler;
++++
void __fastcall MyHandler(TObject *Sender, TIdAuthentication
*Authentication, bool &Handled)
{
Authentication->Username = "username";
Authentication->Password = "password";
Handled = true;
}
Anyway, if I change website on IIS to Basic Authentication, ther work.
But when I use Windows Authentication, error 401 found.
Aladin
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message

{smallsort}

"Aladin J." < XXXX@XXXXX.COM >wrote in message
must be done:
1) register the desired TIdAuthentication... classes via the
RegisterAuthenticationMethod() function at program startup. This allows
TIdHTTP to select auth schemes automatically.
2) use the OnSelectAuthorization event to create a suitable
TIdAuthentication... object instance for one of the auth schemes that the
server supports (provided in the AuthInfo parameter of the event handler)
3) if you know the exact auth scheme that the server will be using ahead of
time, you can assign a suitable TIdAuthentication... object instance to the
Request->Authentication property before sending a request.
Gambit
 

I try to use as followinng code but it generates error after I create
variable "IdNTLMAuthentication":
The error is "Operation aborted".
Where am I wrong?
+++++
TIdNTLMAuthentication *IdNTLMAuthentication = new TIdNTLMAuthentication();
// Generates error "Operation aborted"
IdNTLMAuthentication->Username = "user";
IdNTLMAuthentication->Password = "password";
http->Request->Authentication = IdNTLMAuthentication;
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message

"Aladin J." < XXXX@XXXXX.COM >wrote in message
http->Request->Authentication = new TIdNTLMAuthentication();
http->Request->Username = "user";
http->Request->Password = "password";
Gambit
 

Hi Gambit,
Thanks for your help.
But when I call
http->Request->Authentication = new TIdNTLMAuthentication();
It still found the error "Operation aborted." in Exception (ex.Message)
after I have try/catch
try {
http->Request->Authentication = new TIdNTLMAuthentication();
}
catch (ex as Exception) {
' Error Found in ex.Message()
}
Aladin
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message

"Aladin J." < XXXX@XXXXX.COM >wrote in message
preferrably by 'const' reference, ie:
catch (const Exception &ex)
Gambit
 

I have already known the problem and solved. The first problem is OpenSSL is
not installed.
Now I thought I can use NTLM Authentication.
BUT it still have the error code returned from Web Server is "HTTP Error
401.2 - Unauthorized"
I need just to find the way to Get HTTP Page from selected Windows
Authentication from IIS server.
How can I do?
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message

"Aladin J." < XXXX@XXXXX.COM >wrote in message
NTLM authentication to begin with. Can you show a log from a packet capture
of the original HTTP request and server reply?
Gambit
 

I think it's NOT WORK.
Could you have a simple code to use TIdHttp with Windows Authentication?
I need to Get HTTP page from IIS with having Windows Authentication.
I'm surrender.
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message

"Aladin J." < XXXX@XXXXX.COM >wrote in message
further without it. I need to see what the server is actually asking your
client for.
Gambit
 

I try to find program to capture HTTP header and fond it has nothing in HTTP
header when I call TIdNTLMAuthentication.
Here is the HTTP Header when request:
GET /default.html HTTP/1.1
Host: 127.0.0.1
Accept: text/html, */*
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0)
Here is the HTTP Header when response:
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Wed, 13 Feb 2008 21:43:01 GMT
Content-Length: 3481
I supprise in request caused by it should have more tag liked
"Authorization: NTLM TlRMTVNTUAA..........." but it's gone.
If you have a simple completed code for Windows Authentication. Pls send me
at XXXX@XXXXX.COM that is appreaciated.
Aladin J.
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message

"Aladin J." < XXXX@XXXXX.COM >wrote in message
TIdSSPINTLMAuthentication instead of TIdNTLMAuthentication for that.
However, since the server is also stating that "NTLM" is supported, then
TIdNTLMAuthentication should have worked ok. Something else has to be
happening. Since TIdNTLMAuthentication's constructor loads the OpenSSL
DLLs, you probably don't have the right version installed. That is the only
thing I can think of that would cause the constructor to throw an exception.
explicitally asks for them first. In this case, you sent a request, and the
server replied asking for the credentials. There should have been a second
request sent automatically after that which included the credentials that
TIdNTLMAuthentication generates. Of course, if you can't create the
TIdNTLMAuthentication object to begin with, then it won't be available to
generate that data.
Gambit
 

I try changing to use TIdSSPINTLMAuthentication instead BUT caused by the
package of Indy 9.0.xx does not provide for C++.
I have to add IdAuthenticationSSPI.pas and IdSSPI.pas in Indy60.dpk first
and the build new package which it works OK, no error found.
But when I complied program by including <IdAuthenticationSSPI.hpp>there
generates too many errors and I cannot fix them (Most in file IdSSPI.hpp and
IdAuthenticationSSPI.hpp which automatically generated from compiler).
Example error:
IdSSPI.hpp(866): E2040 Declaration terminated incorrectly.
IdSSPI.hpp(867): E2040 Declaration terminated incorrectly.
IdAuthenticationSSPI.hpp(866): E2238 Multiple declaration for '_fastcall
ESSPIException::ESSPIException(AnsiString,int)'
Is this a right way to handle this task?
Aladin J.
"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM >wrote in message