isahc
isahc copied to clipboard
sagebind
Support for NTLM
With #84 -> #115, support was added for SPNEGO, but it seems this only works for the Kerberos sub-mechanism. I have a service that is responding with a WWW-Authenticate: NTLM header, but the client is not handling that case.
I'm unsure if this is a documentation miss and I'm doing something wrong, or if it's not supported.
A snippet of what I'm doing:
use isahc::{
HttpClient,
auth::{Authentication, Credentials},
config::SslOption,
prelude::*
};
const URL: &str = "...";
fn main() {
let username = read();
let password = read();
let credentials = Credentials::new(username, password);
let client = HttpClient::builder()
.cookies()
.authentication(Authentication::negotiate())
.credentials(credentials)
.ssl_options(SslOption::DANGER_ACCEPT_INVALID_CERTS)
.build().unwrap();
let res = client.get(URL).unwrap();
println!("{:#?}\n{:#?}", res.headers(), res.status());
}
fn read() -> String {
use std::io::{stdin, BufRead};
stdin().lock().lines().next().unwrap().unwrap()
}
Response:
{
"content-length": "0",
"server": "Microsoft-HTTPAPI/2.0",
"www-authenticate": "NTLM",
"date": "Fri, 13 Aug 2021 14:58:36 GMT",
}
401
Thanks for filing an issue!
Advanced auth mechanisms such as NLTM are finicky and depend on how underlying libcurl is compiled. This issue may also be related: https://github.com/alexcrichton/curl-rust/issues/359
You can try installling a custom build of libcurl with spnego support enabled and have Isahc use that by disabling the static-curl crate feature and it may work. I haven't tried it myself since I'm not too familiar with how it works and aren't sure how to test it myself.
