Hi,

I have answered my own question (and those of course are the best kind of
answers from your point!)

The problem I hit stems from incorrect instructions given iin a
StackOverflow answer:

http://stackoverflow.com/questions/1276955/ntlm-proxy-without-password

The thing that is wrong is:

curl -U :

should be

curl -u :

When you change that, it can be made to work, although the workflow is
still rather complicated and perhaps a --proxy-transparent option would be
a good idea after all. Here's how I got it to work; I felt it might be
worth feeding back to you. No code as I've only so far got this manually
working at the command line:

1. curl -v http://www.google.com
    - if 307 redirect returned, go to step 2
    - Else:
        curl http://www.google.com
        return page
2. If 307 redirect returned:
    - Get the 'Location' header and extract the redirect URL from it
    - curl -v -u : --ntlm http://www.google.com
3. Get the final Location: header and check it redirects to
http://www.google.com
   - If successful:
     curl http://www.google.com
     return page
   - If not:
     ntlm auth failed

If there was a --proxy-transparent option for users with SSPI (perhaps
--proxy-ntlm-transparent, which would enable Proxy NTLM with the suggested
transparency 'enhancement' [more of a workaround...]), this would be a much
simpler process.

Malcolm.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-10-19