in reply to Re: Authen::Negotiate Wep-Programming
in thread Authorization Negotiate Wep-Programming

ok edited, i don't know if the posted code above was sufficient, so just in addition i post the full code here 

#!d:\perl\bin\perl.exe 
use warnings;
use strict;

use CGI qw(:standard);
use CGI::Carp 'fatalsToBrowser';
use LWP;
use HTTP::Request::Common;
use HTTP::Cookies;
use HTTP::Headers;
use LWP::Debug qw(+);
use URI::Escape qw(uri_escape_utf8 uri_escape uri_unescape); 
use Encode;

print "Content-type:text/html;charset=UTF-8\n\n" ;
our $page;
my $jsessionID;
my $viewState;
sub extractLinks(){
$page =~ s/\"\/search(\/.[^ ]+)+\"/https:\/\/patentscope\.wipo\.int\/s
+earch$1\" /g;
}


sub extractJSessionID(){
my $jsessionID="";

if($page =~ /(jsessionid=[A-Z0-9]*\.wapp[0-9]n[A-Z])/si){$jsessionID =
+ $1;}
return $jsessionID;
}

sub extractViewStateID(){
my $ViewState="";
if($page =~ /javax.faces.ViewState:0\" value=\"(-?[0-9:]*)/si){

$ViewState = "javax.faces.ViewState=".$1;}
$ViewState = join( "%3A", split(":", $ViewState) );
return $ViewState;

}
my $proxy = 'http://localhost:5865'; 

my $ua = new LWP::UserAgent(keep_alive => 0, ssl_opts => { verify_host
+name => 0 });    
$ua->proxy(['https', 'http', 'ftp'], $proxy);
$ENV{HTTPS_PROXY} = $proxy;    
$ENV{'PERL_LWP_SSL_CA_PATH'} = "D:\\CA_certs\\input\\certs";    
my $cookie_jar = new HTTP::Cookies();
$ua->cookie_jar($cookie_jar); 
$ua->agent('Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident
+/5.0)');

#download init page for extracting jsession id
my $response = $ua->get("https://patentscope.wipo.int/search/en/search
+.jsf");
die "Couldn't get $url", $response->status_line unless $response->is_s
+uccess;
print $response->status_line;
$page = $response -> decoded_content; 

extractLinks();
$jsessionID = extractJSessionID();
$viewState = extractViewStateID();
print $page;

my $param ='simpleSearchSearchForm=simpleSearchSearchForm&simpleSearch
+SearchForm%3Aj_idt379=ALLTXT&simpleSearchSearchForm%3AfpSearch=brushl
+ess+motor&simpleSearchSearchForm%3AcommandSimpleFPSearch=Search&simpl
+eSearchSearchForm%3Aj_idt447=workaround&$viewState';

#--------- problem part :
my $request = HTTP::Request->new('POST', 'https://patentscope.wipo.int
+/search/en/search.jsf');
$request->header('Content-Type' => 'application/x-www-form-urlencoded'
+);
$request->header('Referer' => "https://patentscope.wipo.int/search/en/
+search.jsf");
$request->header('Accept' => 'text/html,application/xhtml+xml,applicat
+ion/xml;q=0.9,*/*;q=0.8'); 
$request->header('Connection' => 'keep-alive'); 
$request->header('Cookie' => uc $jsessionID.'\; ABIW=balancer.cms41\; 
+wipo_language=en\; BSWA=balancer.bswa2'); 
$request->content($param);

$response = $ua->request($request);
$page = $response->decoded_content();

print $page;

[download]

Replies are listed 'Best First'.
Re^3: Authen::Negotiate Wep-Programming
by Anonymous Monk on May 23, 2017 at 14:41 UTC
    my $proxy = 'http://localhost:5865';
    This line makes me think that we still don't have enough information to help you. What kind of proxy are you running on localhost, and why?
[reply]
      it's from the company, some pages are blocked i guess thats why.
[reply]
        Ok, so it sounds like you work somewhere that has installed some BigBrotherWare on your computer. In order to get web pages, you have to talk to BigBrother, and he wants you to authenticate first. The Proxy-Authenticate header is not being sent to the web site, it's going to your company-installed security software. It sounds like you're going to either install LWP::Authen::Negotiate, or rip some chunks out of it and stick them in your program. Shouldn't be too hard either way, since it's a pure-perl module.
[reply]
        then again i think, i need Authorization and not Authentication, so doesn't i need something totally different (than following)?

        i was trying to do that, and its hard. The LWP:Authen::Negotiate is not available for windows. So looking at the source code, it is based on a modul called GSSAPI, which is not available for windows too. So which windows alternative is there for GSSAPI?

        I found Authen::SASL-Perl-Ntlm, if i can use that, how would my use of it look like? since i got no username or pasword?

           use Authen::SASL qw(Perl);

    $sasl = Authen::SASL->new(
        mechanism => 'NTLM',
        callback  => {
          #  user => $username, # just to leave it empty??
          #  pass => $password, ??
        },
    );

    $client = $sasl->client_new(...); #what to set here? 
    $client->client_start;
    $client->client_step('');
    $client->client_step($challenge);

        [download]
        could that really work?
[reply]
[d/l]

In Section Seekers of Perl Wisdom