LWP::UserAgent Authentication

palladinob has asked for the wisdom of the Perl Monks concerning the following question:

This is my first posting to the Perl Monks so if I'm missing any information please be sure to let me know.

I'm trying to perl-script a POST to a NTLM-protected web site. Both boxes are Windows. Mine is XP - not sure what the server is.

I can use my IE browser with no problems at all. If I specify just the url it doesn't even ask me for my username/password. If I specify the complete url (domain and all) it pops up a text message box asking for my username/password. Typing them in also works the way its expected.

I'm running ActiveState perl v5.8.8 and no matter what code I try - and I've been all over the internet trying MANY examples - I can't get pass the level 2 NTLM challange. I see level 1 in the debug output then level 2 and then it goes right back to level 1 and 401's-me.

I've included the code (and the response) for what I thought should work but this version doesn't even get me to level 1. I've tried everything that's "standard" and recommended with no success whatsoever.

For our security purposes, actual urls, domain names,username, and password are represented by generic strings enclosed with arrows.

#!/usr/bin/perl -w

# test_NTLM-9.pl

use strict;

use LWP::UserAgent;
use LWP::Debug qw(+);

my $page = "";
my $response = "";
my $ua = "";

my %reports = ();

my $url1 = "http://<some url>/reports.asp";
my $url2 = "http://<some url>.<some domain>.com:80/reports.asp";


{
 package RequestAgent;
 our @ISA = qw(LWP::UserAgent);

 sub get_basic_credentials
  { return ("<DOMAIN\\username>", "<passowrd>"); }
}


$ua = RequestAgent -> new (keep_alive => 1);

$response = $ua -> post ($url2, \%reports, ['report' => 'E911 Numbers'
+]);

if ($response -> is_success)
  {
   print ("\nGOOD\n");
   $page = $response -> code;
  }
 else
  {
   print ("\nBAD\n");
   $page = $response -> code;
  }

if (defined ($page))
 {
  $page =~ s/<br>/\\\n/g;
  print ($page);
 }

exit;
[download]

C:\> test_NTLM-9.pl
LWP::UserAgent::new: ()
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: POST http://<some url>.<some domain>.com
+:80/reports.
asp
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::collect: read 811 bytes
LWP::Protocol::collect: read 3620 bytes
LWP::UserAgent::request: Simple response: Unauthorized

BAD
401
C:\>
[download]

ANY help is greatly appreciated. Thank you in advance.

20070320 Janitored by Corion: Added formatting, code tags, as per Writeup Formatting Tips

Comment on LWP::UserAgent Authentication Select or Download Code

Replies are listed 'Best First'.
Re: LWP::UserAgent Authentication by varian (Chaplain) on Mar 20, 2007 at 17:12 UTC
Hi Palladinob, welcome to Perlmonks! CPAN module LWP::Authen::Ntlm should be able to help you, as it has been designed to deal with Ntlm type of authentication. You probably have it installed with LWP already. So in your code there is no need to add the subroutine, just use the credentials method, e.g.: `use LWP; my $ua = new LWP::UserAgent(keep_alive=>1); $ua->credentials('www.company.com:80', '', "MyDomain\\MyUsername", 'M +yPassword');` [download] To improve the readability of your question pls see Writeup formatting Tips	[reply] [d/l]
Re^2: LWP::UserAgent Authentication by palladinob (Novice) on Mar 20, 2007 at 17:21 UTC
Tried that. That one's right out of the LWP::Authen::NTLM module write-up. Didn't work.	[reply]
Re^3: LWP::UserAgent Authentication by varian (Chaplain) on Mar 20, 2007 at 17:46 UTC
Alternatively try to access the page with a regular browser. If it pops up with a 'standard' username/password box then make a note of the realm and insert that into your credentials method as the second argument. You may be dealing with a server that requires regular digest authentication. Popup will have something like this: `Enter username and password for "realmname_here" at http://...` [download] Update: btw make sure to append the portnumber (:80) to your fully qualified hostname in argument one, otherwise authentication can fail even with correct credentials.	[reply] [d/l]
Re^4: LWP::UserAgent Authentication by palladinob (Novice) on Mar 20, 2007 at 18:46 UTC
Re^5: LWP::UserAgent Authentication by varian (Chaplain) on Mar 20, 2007 at 19:37 UTC
Some notes below your chosen depth have not been shown here
Re^5: LWP::UserAgent Authentication by eric256 (Parson) on Mar 20, 2007 at 19:40 UTC
Re: LWP::UserAgent Authentication by crashtest (Curate) on Mar 22, 2007 at 00:20 UTC
I had a devil of a time getting NTLM working for me. This was about two years ago now. Once I had things up and running, I posted Re^2: More NTLM to document my travails. Maybe it can help you. And welcome to PerlMonks!	[reply]
Re^2: LWP::UserAgent Authentication by palladinob (Novice) on Mar 30, 2007 at 20:38 UTC
Thank you all for the suggestions/help/directions... I think the bug report as mentioned by crashtest fixed my problem - well, on my Linux box anyway. Windows NT still doesn't work but at least I have a clue as to what to look for. (Yes, I added the patch but I think it may have to do with some of the other ActiveState modules I have loaded. That's for another day.) I replaced my code with the snippet in Re^2: MORE NTLM (node_id=443032) and, along with the bug fix, it works great! Thanks again everyone for trying and being patient with me as a new poster to the Monks.	[reply]
Re^3: LWP::UserAgent Authentication by Anonymous Monk on Sep 25, 2007 at 23:19 UTC
All, LWP::Authen::Ntlm relies on Authen::NTLM (by Mark Bush). Until recently, this module had a bug. I have taken over maintenaince of Authen::NTLM, and the latest release on CPAN fixes the problem.	[reply]