1

Need to make http call using golang client (net/http) which requires integrated windows authentication (NTLM) (similar issue ) its not working.. - i am not what am missing below is the code that i use.. (package used - ntlmssp "github.com/Azure/go-ntlmssp")

client := &http.Client{
    Transport: ntlmssp.Negotiator{
        RoundTripper: &http.Transport{},
    },
}

req, _ := http.NewRequest("GET", url1, nil)

req.SetBasicAuth("login", "password") 

res, err := client.Do(req)

I get the error the following response ..

{401 Unauthorized 401 HTTP/1.1 1 1 map[Content-Type:[text/html] Server:[Microsoft-IIS/8.5] Www-Authenticate:[NTLM Negotiate]

Appears to work when i run against a local webserver which has windows auth enabled... differene i notice is in the IIS version - not sure how it impacts NTLM... 

200 OK 200 HTTP/1.1 1 1 map[Content-Type:[text/html] Accept-Ranges:[bytes] Server:[Microsoft-IIS/10.0] Persistent-Auth:[true] L

In addition.. when i notice the NTLM handshake - this is what i see (not very familiar with NTLM handshake/what it would imply... ) so not sure if this means anything...

When it works the authorization tags to Negotiate When it works the authorization tags to Negotiate

but when it fails the authorization tags to NTLM but when it fails the authorization tags to NTLM

Improve this question
10
  • 1
    What's the difference between the sites it works with and those where it does not?
    – Adrian
    Commented Jun 29, 2017 at 20:16
  • corrected myself - it does not work with any (had performed a bad test )
    – Vikram
    Commented Jun 29, 2017 at 20:41
  • ok here is an update... it does actually work at times... i setup a local site which requires authentication the difference i see is the IIS version {401 Unauthorized 401 HTTP/1.1 1 1 map[Content-Type:[text/html] Server:[Microsoft-IIS/8.5] Www-Authenticate:[NTLM Negotiate] Date:[Thu, 29 Jun 2017 21:25:13 GMT] vs 200 OK 200 HTTP/1.1 1 1 map[Content-Type:[text/html] Accept-Ranges:[bytes] Server:[Microsoft-IIS/10.0] Persistent-Auth:[true] L
    – Vikram
    Commented Jun 29, 2017 at 21:29
  • If you look at the readme for that library, there are some fairly specific circumstances under which it's designed to work, that may or may not be the issue.
    – Adrian
    Commented Jun 29, 2017 at 21:41
  • thank.. am wondering the same... but i could not see/understand what is different.. i did figure out the Authorization - NTLM... but thats jsut about how to configure IIS - i am guessing NTLM version issue... anywayz i'll keep digging.. Thanks again @Adrian for your feedback!!!
    – Vikram
    Commented Jun 30, 2017 at 14:56
Related questions
5
Golang: Access a Windows share (from Linux application)
5
windows encrypted rdp passwords in golang
6
Golang: how can I call win32 API without cgo?
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Browse other questions tagged or ask your own question.