I'm trying to use the cntlm proxy on my windows machine to talk to a local web application on IIS that uses Windows Authentication from PhantomJS. To create the proxy, I'm doing: cntlm -v -u username@domain -p password -l 1456 localhost:80
My app lives at localhost/myapp
To test whether or not this works, I try to browse to localhost:1456/myapp but I always get an auth challenge and no sensible username/password combination seems to work. Any thoughts on why this setup might not be working as expected?
When I hit the proxied endpoint in a browser, this is the output from cntlm:
http://pastebin.com/xvvmfsGV
After wrestling with the concept for a while I finally figured out how to get this set up.
After installing cntlm, I ran the following from a command prompt:
"c:\Program Files (x86)\Cntlm\cntlm.exe" -u <user_name> -d <domain_name> -H
This asks for your password and spits out three hashes to use in the configuration file.
I whittled down the required configuration in cntlm.ini to:
Username <user_name>
Domain <domain_name>
PassLM <LM_hash>
PassNT <NT_hash>
PassNTLMv2 <NTLMv2_hash>
Proxy 192.168.7.1:80 #random proxy
NoProxy *
Listen 3133 # unused port
cntlm forces your to specify a top-level proxy even if you don't need one or have one, so any valid number for that option will do. Setting NoProxy to * ensures that any request never gets passed on to the bogus proxy specified.
Run "c:\Program Files (x86)\Cntlm\cntlm.exe" -f in a console to verify that everything is working. Otherwise, start and stop it as a service.
To test with phantomjs I used the following script:
var page = require('webpage').create();
page.open('http://<machine_name>/myapp', function(status) {
console.log("Status: " + status);
if(status === "success") {
page.render('example.png');
}
phantom.exit();
});
<machine_name> cannot be localhost because phantomjs bypasses proxies when the host is localhost, so use your machine name or ip address instead.
To run it: phantomjs --proxy=localhost:3133 test.js
