{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 姐就是有狂的资本 的问题《Writing a custom NTLM challenge/response in ASP.Ne》','https://www.manongdao.com/q-662860.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I know that you can enable NTLM authentication in an ASP.Net app using:
<authentication mode="Windows" />
However - I need to handle Forms, HTTP and other custom authentications in the same app, so ASP.Net's limited built-in support is no use.
The NTLM handshake should be fairly simple:
Request - [unauthenticated - no user info passed]
Response - 401 Unauthorized
WWW-Authenticate: NTLM
Request - Authorization: NTLM <base64-encoded type-1-message>
Response - 401 Unauthorized
WWW-Authenticate: NTLM <base64-encoded type-2-message>
Request - Authorization: NTLM <base64-encoded type-3-message>
Server can now check username/password against LDAP from type-3 message
Response - 200 Ok [now authenticated & authorised]
So to roll my own I need to parse type-1 and type-3 messages and generate a type-2 message.
The structure for those messages is well documented but fairly complex - it seems very messy to write my own message generators and parsers. I think the methods to read and write these messages should already be in .Net, but I haven't been able to find them.
How can I build and parse these NTLM messages using .Net?
Cassini supports NTLM authentication, so you could use the source to more easily create a class which parses the NTLM authorization messages.
http://cassinidev.codeplex.com/