For a while now I have been trying to find a way for jython to access site using NTLM. I have just basic knowledge of python and next to none in java, so I could use some help (or an example) how to make the request use NTLM in this script part I have found. I am using this with open source application grinder.
First I start with importing jcifs in script along with others used by grinder:
from net.grinder.script import Test
from net.grinder.script.Grinder import grinder
from net.grinder.plugin.http import HTTPPluginControl, HTTPRequest
from HTTPClient import NVPair
from jcifs.ntlmssp import Type1Message
from jcifs.ntlmssp import Type2Message, Type3Message
from jcifs.util import Base64
This code part was provided in example I found. It was the closes thing I could find, that would fit my needs, since I just need to get the full response to request.
def NTLMAuthentication1(url, request, info, NTLMfield):
token_type1 = info.token_type1()
params = (NVPair("Authorization", "NTLM "+token_type1), )
result = request.GET(url, None, params)
NTLMfield = result.getHeader("WWW-Authenticate")
return NTLMAuthentication2(url, request, info, NTLMfield)
def NTLMAuthentication2(url, request, info, NTLMfield):
if NTLMfield.startswith("Negotiate"):
token_type2 = NTLMfield[len("Negotiate "):]
token_type2 = NTLMfield[5:]
token_type3 = info.token_type3(token_type2)
params = (NVPair("Cookie", "WSS_KeepSessionAuthenticated=80"),
NVPair("Authorization", "NTLM " + token_type3), )
result = request.GET(url, None, params)
return result
# this function validate request and its result to see if the NTLM authentication is required
def NTLMAuthentication(lastResult, request, info):
# get last http request's url
url = lastResult.getEffectiveURI().toString()[len(request.getUrl()):]
# The result is ask for authentication
if lastResult.statusCode != 401 and lastResult.statusCode != 407:
return lastResult
NTLMfield = lastResult.getHeader("WWW-Authenticate")
if NTLMfield == None:
return lastResult
# check it is the first shakehands
if NTLMfield == "Negotiate, NTLM" or NTLMfield == "NTLM":
return NTLMAuthentication1(url, request, info, NTLMfield)
# check it is the second shakehands
elif len(NTLMfield) > 4 and NTLMfield[:4] == "NTLM":
return NTLMAuthentication2(url, request, info, NTLMfield)
return lastResult
class NTLMAuthenticationInfo:
def __init__(self, domain, host, user, passwd):
self.domain = 'domain' = 'host'
self.user = 'user'
self.passwd = 'password'
def token_type1(self):
msg = Type1Message(Type1Message.getDefaultFlags(), self.domain,
return Base64.encode(msg.toByteArray())
def token_type3(self, token_type2):
msg2 = Type2Message(Base64.decode(token_type2))
#if jcifs 1.3.7 using msg3 = Type3Message(msg2, self.passwd, self.domain, self.user,
msg3 = Type3Message(msg2, self.passwd, self.domain, self.user,
return Base64.encode(msg3.toByteArray())
In the main part the request looks something like this:
result = request101.GET('/')
where request101 has been predefined with URL and header. So, basically, I don't have a clue how to implement the
I have tried this
result = request101.GET('/')
print str(NTLMAuthentication(result, request101, NTLMAuthenticationInfo))
as well as just this
NTLMAuthentication(request101.GET('/'), request101, NTLMAuthenticationInfo)
but neither of these worked. Any tips on how to run this?
try this
ai = NTLMAuthenticationInfo("domain", "your host", "user", "password")
result = request101.GET('/')
result = NTLMAuthentication(result, request101, ai)