4

I am looking for the path of least resistance for doing NTLM authentication in a Go HTTP request using the system credentials of the Windows user calling the application.

In C#/.NET, I would be able to achieve this through

WebRequest request = WebRequest.Create(url);
request.Credentials = CredentialCache.DefaultCredentials;
WebResponse response = request.GetResponse();
Stream receiveStream = response.GetResponseStream();

and in Python, the equivalent result can be obtained through

import win32com.client
h = win32com.client.Dispatch('WinHTTP.WinHTTPRequest.5.1')
h.SetAutoLogonPolicy(0)
h.Open('GET', url, False)
h.Send()

but I have not been able to find any resources on how to do the same thing in Go. I could of course use a library for NTLM authentication and manually provide a username/password, but the goal here is to avoid ever putting those in.

Improve this question

1 Answer 1

Reset to default
4

After digging into it a bit further, it looks like go-ole can be utilized to make use of WinHTTPRequest in the same way as the Python example in the question. Ignoring all error catching,

package main

import (
    "fmt"

    ole "github.com/go-ole/go-ole"
    "github.com/go-ole/go-ole/oleutil"
)

func main() {
    ole.CoInitialize(0)
    defer ole.CoUninitialize()
    unknown, _ := oleutil.CreateObject("WinHTTP.WinHTTPRequest.5.1")
    request, _ := unknown.QueryInterface(ole.IID_IDispatch)
    oleutil.CallMethod(request, "SetAutoLogonPolicy", 0)
    oleutil.CallMethod(request, "Open", "GET", "http://example.com", false)
    oleutil.CallMethod(request, "Send")
    resp := oleutil.MustGetProperty(request, "ResponseText")
    fmt.Println(resp.ToString())
}
Improve this answer
0

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.