httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <>
Subject NTLM in Apache
Date Fri, 22 Aug 1997 21:03:12 GMT

My beginning conversation with the guy I mentioned had NTLM code 
that we could use in Apache. Perhaps other NT programmers were 
aware of what he is telling us?

------- Forwarded Message

Date: Fri, 22 Aug 1997 13:41:57 -0700
From: Jeremy Allison <>
Organization: Whistle Communications
X-Mailer: Mozilla 3.01 (X11; I; FreeBSD 2.2-970422-RELEN0 i386)
MIME-Version: 1.0
To: Randy Terbush <>
Subject: Re: NTLM and Apache
References: <>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

> Well, there are a number of group members who are currently 
> debating this issue now. You may not be aware that Apache is about 
> to release a 1.3 beta that runs on NT. We have been discussing how 
> we want/need to do authentication and NTLM has come up as an 
> option that we probably _need_ to support. Sounds like pass-through 
> is really what we need to do for an NT web server.

Well if you only need NTLM for NT apache systems you
don't need any of our code at all - you can do this
by using the SSPI routines directly (search for SSPI
on MSDN - you even get sample code :-). The SSPI
routines give you the (undocumented) blobs back
directly - just convert the data buffer to base64
and away you go. It will deal with the pass-though
issues (it actually won't use pass-through but NT
domain authentication protocol, also undocumented,
but thats by-the-way).

It's only if you want to add this functionality
into the UNIX apache source that you need extra
code to generate the blobs yourself. Let me know 
if this is the case.


- -- 
- --------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
- --------------------------------------------------------

------- End of Forwarded Message

View raw message