<div>Hi,</div>
<div> </div>
<div>I'm thinging to write a NTLM credential plugin for zope3. But as I know, ntlm use 4-way handshake procedure, that means it needs two round-trips between server(zope3) and client(browser).</div>
<div> </div>
<div>When I look in the credential plugins, it has challenge mothed. But seems it is only design for 1 round-trip protocol. It can issue one challenge, and return to parent script. </div>
<div> </div>
<div>The question is: How can I do this kind 4-way handshake within the challenge mothed or is there any other way design for this kind protocol?</div>
<div> </div>
<div>Thanks,</div>
<div>Simon</div>
<div> </div>
<div>Attach: NTLM handshake</div>
<div><pre> 1: C --> S GET ...
2: C <-- S 401 Unauthorized
WWW-Authenticate: NTLM
3: C --> S GET ...
Authorization: NTLM <base64-encoded type-1-message>
4: C <-- S 401 Unauthorized
WWW-Authenticate: NTLM <base64-encoded type-2-message>
5: C --> S GET ...
Authorization: NTLM <base64-encoded type-3-message>
6: C <-- S 200 Ok
</pre></div>