I need to connect through a webproxy to get access to the www and its websites. The webproxy is based on Windows IIS7 and forces authentication "negotiate" (not basic, not digest, not raw ntlm). Can I do it with this HTTP protocol client?
Manuel Lemos - 2016-03-09 23:35:57 - In reply to message 1 from Andreas Horn
A new driver class would need to be added to the SASL class. I do not have a proxy that supports negotiate authenticantion mechanism so I would not have a way to try it. Would it be possible to provide some kind of access to that proxy so I could test it?
Andreas Horn - 2016-03-10 07:14:21 - In reply to message 2 from Manuel Lemos
Thx for your reply. I'm sorry, but there's no way to grant access to this proxy for it's part of a company gateway. From inside the company environment I need this authentication to reach the web. Browsers do it by themselves, but php doesn't.
If you've got an idea how to solve, I could probably run some tests and/or provide you with some debug information of the auth communication
Manuel Lemos - 2016-03-10 08:27:17 - In reply to message 3 from Andreas Horn
I could try to implement it but I would need a Windows machine to try it and I do not use Windows.
Anyway, if you can take a look and figure how to create a SASL driver for that protocol looking at the others, I can help you to integrate it.
Looking at the RFC it seems negotiate works with either Kerberos or NTLM support. The SASL package already supports NTLM, so I suppose it is possibly not a big deal but I would need time to investigate. If you can do it yourself looking at the code and the RFC, it would be nice to contribute back what you implemented.
Andreas Horn - 2016-03-10 10:22:19 - In reply to message 4 from Manuel Lemos
Thank you for your quick response.
I'm probably not that experienced to integrate it by myself - I wished to get a solution off-the-shelf.
But I try to understand your SASL and HTTP package and setup some simple connections with your packages - hopefully I'll find back to ask some questions.