[Owasp-webscarab] Busted Authenticated proxy

lists at dawes.za.net lists at dawes.za.net
Thu Jan 6 04:11:42 EST 2005


Quoting Will Stranathan <will at thestranathans.com>:

> On Wed,  5 Jan 2005 10:10:38 -0600
>   lists at dawes.za.net wrote:
> >Quoting Will Stranathan <will at thestranathans.com>:
> >No, I think that is pretty helpful. Can you try disabling the NTLM filter
> >plugin, and see if it still happens?
> >
> >It looks like it is in the part of the code that is trying to remove the
> >Authenticate: NTLM header.
> >
> Well, removing the Filter NTLM gets rid of the error, but it still 
> doesn't work.  My proxy supports NTLM and Basic.  It'll send two 
> Proxy-Authorization: NTLM headers (with different hashes each time), 
> then I get prompted for credentials on the browser.  I SUSPECT the 
> NTLM authentication is not working right, but it's never getting 
> around to attempting Basic.
> 
> I traced it for a while in NetBeans, but it's 3am, so I'm having
> difficulty focusing (sad - can't sleep but not alert enough to debug).
> 
> If I get some time at work I'll fuss with it for a spell.
> 
> Thanks,
> Will
> 


Hi Will,

Well, the point of the NTLM filter is to remove the authenticate NTLM messages,
because the browser will never get around to trying Basic if NTLM is supported,
even if NTLM is unsuccessful.

So it is obviously some header parsing error in the plugin/proxy/NTLMFilter.java
code. Maybe you could post the header string(s) that you are seeing, and I'll
try to parse it better ;-)

Regards,

Rogan
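
The filtering idea described in the message above, as an added example that is not part of the original thread and is not WebScarab's NTLMFilter.java: drop NTLM challenges from the response headers so that Basic is the only scheme the browser is offered. The class and method names are hypothetical, the header lines are constructed samples, and one challenge per header line is assumed.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;

// Added illustration only; not the WebScarab implementation.
public class NtlmChallengeFilterExample {

    // True for the two response headers that carry authentication challenges.
    static boolean isChallengeHeader(String name) {
        String n = name.trim().toLowerCase(Locale.ROOT);
        return n.equals("www-authenticate") || n.equals("proxy-authenticate");
    }

    // True when the first token of the header value (the auth scheme) is NTLM.
    static boolean isNtlmScheme(String value) {
        String v = value.trim();
        int end = 0;
        while (end < v.length() && !Character.isWhitespace(v.charAt(end))) end++;
        return v.substring(0, end).equalsIgnoreCase("NTLM");
    }

    // Returns the header lines with every NTLM challenge removed.
    static List<String> filter(List<String> headerLines) {
        List<String> kept = new ArrayList<>();
        for (String line : headerLines) {
            int colon = line.indexOf(':');
            if (colon < 0) {          // malformed line: pass it through, never throw
                kept.add(line);
                continue;
            }
            String name = line.substring(0, colon);
            String value = line.substring(colon + 1);
            if (isChallengeHeader(name) && isNtlmScheme(value)) continue;
            kept.add(line);
        }
        return kept;
    }

    public static void main(String[] args) {
        // Constructed sample headers; the NTLM token is a placeholder value.
        List<String> response = Arrays.asList(
            "Proxy-Authenticate: NTLM",
            "proxy-authenticate:ntlm Q09OU1RSVUNURUQ=",
            "Proxy-Authenticate: Basic realm=\"proxy\"",
            "Proxy-Connection: close",
            "X-Line-Without-Colon");
        // Prints the Basic challenge, Proxy-Connection and the malformed line.
        filter(response).forEach(System.out::println);
    }
}
```

With the NTLM challenge gone, Basic is the only scheme left on offer, and Basic credentials are sent base64-encoded rather than hashed.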



