severin has asked for the wisdom of the Perl Monks concerning the following question:

hi! i got the following problem: i want to access a site in my companies intranet via a perl-script using LWP. the problem is, that this site is password protected and uses the NT-Permissions to look, if the user is permitted to see the site. if i run lwp-request for that site ( in debug mode)it gives me the following Authentication: "WWW-Authenticate: NTLM". I looked around a rather long time for a solution to access this site. Can anyone help me? please... severin

Replies are listed 'Best First'.
Re: LWP with NTLM-Authentication?
by belg4mit (Prior) on Feb 12, 2002 at 19:57 UTC
    NTLM|NTLM turn up two candidates, one for exploring the actual algorythm (as it provides the ability to implement it for Apache), and the other more directly answers your question. It was an interesting (albeit not difficult, once you know where to look ;-) thing to research.

    --
    perl -pe "s/\b;([st])/'\1/mg"

[reply]
Re: LWP with NTLM-Authentication?
by snouhaud (Initiate) on Apr 23, 2002 at 17:28 UTC
    Here a sample a code that make correct NTLM authentification it's use the last libwww version (5.64 i hope): Note that the keep_alive => 1 is important NTLM authorize TCP/IP connection and not request Hope that help you... 
    #Libraries inclusion
use DBI;
use LWP::UserAgent;
use HTTP::Headers::Util;
use DBD::Oracle;
use Crypt::SSLeay::MainContext;
use Net::Ping;

# For NTLM authentification
use Authen::NTLM;
use LWP::ConnCache;
use HTML::HeadParser;

#User Agent declaration
$ua = new LWP::UserAgent( keep_alive => 1);

    my $req = new HTTP::Request GET => $addrTxt;
    #$req->content_type('application/x-www-form-urlencoded');
    #$req->content('match=www&errors=0');
    #Pass request to the user agent and get a response back
    my $res = $ua->request($req);
    #Update into url table the url link status depending on the previo
+us test
    #Null for success and 0 for failure
    
    if (!$res->is_error) {
        # URL is OK
        undef $nul;
        $updateStatus->execute($nul,$linkNo) or die "Couldn't execute 
+statement: " . $dbh->errstr;
        next;
    }
        
    # URL En erreur
       if ( $res->status_line =~ /^401/ && $res->headers()->header("WW
+W-Authenticate") eq "NTLM" ) {
            # Try the NLTM Authorization

            ntlm_user($tableParam{"NTUser"});
            ntlm_password($tableParam{"NTPass"});
            ntlm_domain($tableParam{"NTDomain"});

            $headers = new HTTP::Headers();
            $headers->header("Authorization" => "NTLM " . ntlm());
            $request = HTTP::Request->new('GET', $addrTxt, $headers);
            $response = $ua->request($request);
            $headers = $response->headers();
            $auth_type = $headers->header("WWW-Authenticate");
            if($auth_type =~ /^NTLM (.*)$/) {
                $chal_resp = ntlm($1);
                $headers = new HTTP::Headers();
                $headers->header("Authorization" => "NTLM " . $chal_re
+sp);
                $request = HTTP::Request->new('GET', $addrTxt, $header
+s);
                $res = $ua->request($request);
                if (!$res->is_error) {
                        # URL OK
                        undef $nul;
                        $updateStatus->execute($nul,$linkNo)
                            or die "Couldn't execute statement: " . $d
+bh->errstr;
                        next;
                }
            }
        }
        # Url In error
        write_error_log("$linkNo - $addrTxt - " . ($IsLocal ? "Local" 
+: "Remote") . " - " . $res->status_line);
}

    [download]
[reply]
[d/l]
      What do you need all the database stuff for in the sample??? Is it really necessary??? Konrad
[reply]

Back to Seekers of Perl Wisdom