[Zope3-Users] NTLM credential plugin
hangzhiyun at gmail.com
Tue Sep 12 20:01:57 EDT 2006
I'm thinging to write a NTLM credential plugin for zope3. But as I know,
ntlm use 4-way handshake procedure, that means it needs two round-trips
between server(zope3) and client(browser).
When I look in the credential plugins, it has challenge mothed. But seems it
is only design for 1 round-trip protocol. It can issue one challenge, and
return to parent script.
The question is: How can I do this kind 4-way handshake within the challenge
mothed or is there any other way design for this kind protocol?
Attach: NTLM handshake
1: C --> S GET ...
2: C <-- S 401 Unauthorized
3: C --> S GET ...
Authorization: NTLM <base64-encoded type-1-message>
4: C <-- S 401 Unauthorized
WWW-Authenticate: NTLM <base64-encoded type-2-message>
5: C --> S GET ...
Authorization: NTLM <base64-encoded type-3-message>
6: C <-- S 200 Ok
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Zope3-users