[Mono-list] Authenticating against an NTLM only server using HttpWebRequest/NetworkCredential

David Kennedy davepkennedy at gmail.com
Tue Jan 9 11:11:40 EST 2007

I've had a look a what's going over the network by using Ethereal and
to me it doesn't look like the same chain of communication happens in
Mono as happens in .Net.

In .Net the small application produces network traffic somthing like this
(Me -> Server) Request for file
(Me <- Server) Unauthorized, use NTLM
(Me -> Server) Request for file, NTLM data 1
(Me <- Server) Unauthorized, NTLM data 2
(Me -> Server) Request for file, NTLM data 3
(Me <- Server) OK, file data enclosed

With Mono however, the flow goes like
(Me -> Server) Request for file
(Me <- Server) Unauthorized, use NTLM

So where .Net starts off talking to the server to authenticate, Mono
is stopping after the first challenge and not following through with
the dialog.

I'm not sure what I need to do to make this work as it should be very
straight forward as far as I can see, though I'm probably completely
failing to see the obvious answer.

On 1/8/07, Sebastien Pouliot <sebastien.pouliot at gmail.com> wrote:
> On Fri, 2007-01-05 at 17:49 +0000, David Kennedy wrote:
> > Hi,
> >
> > I have a small program (should be attached) which tries to download a
> > file from a server running IIS/SharePoint. If I compile this with mcs
> > and run it with .Net, the file is downloaded from the server and
> > displays in the console. If I run it with Mono, the request is
> > unauthorized.
> >
> > I've had a look around and found some things similar, but I haven't
> > seen any solutions to this. Is there a way to authenticate with a
> > server with NTLM, or can it only be Basic/Digest/Kerberos?
> Mono, since pre-1.0, supports Basic, Digest and NTLM (but not Kerberos).
> It cannot, like MS can do, process authentication without you providing
> the password. It's possible that the password you supply (in your source
> code) isn't the one being used.
> When in doubt in web authentication use a network sniffer, like
> ethereal, to look (it's even easier when SSL/TLS isn't involved) at the
> working and failing. You'll probably see a clue to guide you.
> > Cheers
> > Dave
> > _______________________________________________
> > Mono-list maillist  -  Mono-list at lists.ximian.com
> > http://lists.ximian.com/mailman/listinfo/mono-list
> --
> Sebastien Pouliot  <sebastien at ximian.com>
> Blog: http://pages.infinit.net/ctech/

More information about the Mono-list mailing list