Carrying out NTLM authentication over BSD Sockets.

Hi,


We are in a strange situation where we need to implement the HTTP Tunnel over BSD sockets (can not use URLSession and other fancy APIs), in this case the proxy is configured with the NTLM authentication. We could get the HTTP Tunnel (using CONNECT) working with Basic auth by adding the correct Authorization header in the response. But NTLM would need some more complexity. Is there any easier way to use the TCP Sockets for this NTLM HTTP Tunnel in iOS?


In worst case, we might need to write this auth logic ourselves but any other recommendations to take this further?


Thanks.

Up vote post of san_personal Down vote post of san_personal
645 views
Posted by
san_personal
Reply
Add a Comment

Replies

Is there any easier way to use the TCP Sockets for this NTLM HTTP Tunnel in iOS?

No. In theory you should be be able to do this using 

CFHTTPAuthentication
but this won’t work for NTLM. NTLM needs to know the URL for which this is a response and the routine to set that is not public API (r. 6980095).

And yeah, that’s a very low Radar number. This has been an issue since at least 2006 )-:

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thanks Quinn.


We would try to use some other third pary library in C then to carry out this as OS does not provide any support and hope to get this working as we know the proxy URL and the end Webserver we are trying to reach via proxy.

Posted by
san_personal
Up vote reply of san_personal Down vote reply of san_personal
Add a Comment