curl-users
Re: Using Curl against SharePoint 2010, authentication fails, NTLM vs. GSS?
Date: Wed, 06 Apr 2011 16:20:45 -0400
Hi,
Ralph Mitchell <ralphmitchell_at_gmail.com> writes:
> On Fri, Apr 1, 2011 at 3:26 PM, Derek Atkins <warlord_at_mit.edu> wrote:
>
> Hi,
>
> I'm trying to use curl (curl-7.19.7-13.fc12.x86_64) to contact a
> SharePoint 2010 server, but authentication is failing no matter whether
> I tell curl to use NTLM or anyauth. The command I'd like to use:
>
> curl --trace-ascii /tmp/sharepoint.ascii --ntlm -D /tmp/sharepoint \
> -u administrator --retry 1 -L http://172.16.64.20/
>
> Curl's build state:
>
> curl -V
> curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.12.6.2 zlib/
> 1.2.3 libidn/1.9 libssh2/1.2.4
> Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
> Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
>
> Curl is up to version 7.21.4 now. Is there any way you could try a more
> recent version? Maybe Fedora 14 in a VM or booted off a usbstick?? I have it
> on my laptop, and it shows the curl version as:
Sure. Sorry it took so long, but I just tried with 7.21.3 and it still
has the same issue.
> curl 7.21.0 (x86_64-redhat-linux-gnu) libcurl/7.21.0 NSS/3.12.8.0 zlib/
> 1.2.5 libidn/1.18 libssh2/1.2.4
> Protocols: dict file ftp ftps http https imap imaps ldap ldaps pop3 pop3s
> rtsp scp sftp smtp smtps telnet tftp
> Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
>
> If if's a bug, it has probably been fixed already...
Here is the run and output of the ascii trace:
mock-chroot> ./curl --version
curl 7.21.3 (x86_64-unknown-linux-gnu) libcurl/7.19.7 NSS/3.12.6.2 zlib/1.2.3 libidn/1.9 libssh2/1.2.4
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
mock-chroot> ./curl --trace-ascii /tmp/sharepoint2010.ascii --ntlm -D /tmp/sharepoint2010 -u administrator --retry 1 -L http://172.16.64.20/
Enter host password for user 'administrator':
mock-chroot> cat /tmp/sharepoint2010.ascii
== Info: About to connect() to 172.16.64.20 port 80 (#0)
== Info: Trying 172.16.64.20... == Info: connected
== Info: Connected to 172.16.64.20 (172.16.64.20) port 80 (#0)
== Info: Initializing NSS with certpath: /etc/pki/nssdb
== Info: Server auth using NTLM with user 'administrator'
=> Send header, 233 bytes (0xe9)
0000: GET / HTTP/1.1
0010: Authorization: NTLM ...
0052: User-Agent: curl/7.21.3 (x86_64-unknown-linux-gnu) libcurl/7.19.
0092: 7 NSS/3.12.6.2 zlib/1.2.3 libidn/1.9 libssh2/1.2.4
00c6: Host: 172.16.64.20
00da: Accept: */*
00e7:
<= Recv header, 27 bytes (0x1b)
0000: HTTP/1.1 401 Unauthorized
<= Recv header, 27 bytes (0x1b)
0000: Server: Microsoft-IIS/7.5
<= Recv header, 53 bytes (0x35)
0000: SPRequestGuid: 5e26dd22-2e57-4b63-bd1f-e0467c35b5d3
<= Recv header, 325 bytes (0x145)
0000: WWW-Authenticate: NTLM ...
... <cut>
0140: A==
== Info: gss_init_sec_context() failed: : Cannot determine realm for numeric hos
t address<= Recv header, 29 bytes (0x1d)
0000: WWW-Authenticate: Negotiate
<= Recv header, 23 bytes (0x17)
0000: X-Powered-By: ASP.NET
<= Recv header, 46 bytes (0x2e)
0000: MicrosoftSharePointTeamServices: 14.0.0.4762
<= Recv header, 37 bytes (0x25)
0000: Date: Wed, 06 Apr 2011 20:13:19 GMT
<= Recv header, 19 bytes (0x13)
0000: Content-Length: 0
<= Recv header, 2 bytes (0x2)
0000:
== Info: Connection #0 to host 172.16.64.20 left intact
== Info: Closing connection #0
mock-chroot>
> Ralph Mitchell
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-users
> FAQ: http://curl.haxx.se/docs/faq.html
> Etiquette: http://curl.haxx.se/mail/etiquette.html
-derek
-- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH warlord_at_MIT.EDU PGP key available ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-users FAQ: http://curl.haxx.se/docs/faq.html Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2011-04-06