I have some code acting as an HTTP client which supports basic authentication as well as NTLM authentication. I can easily test that basic authentication works by requiring a username/password to access a file in the .htaccess on an Apache server. But how can I test NTLM authentication, short of installing IIS? Are there by any chance any public HTTP servers that accept NTLM authentication?
views:
34answers:
1
A:
As you have probably already realised, because NTLM is a proprietary authentication protocol (that doesn't have any official public documentation provided by Microsoft), you're going to have to either test against an actual IIS server running on Windows, or you could try and mock the authentication scheme using details gleaned from documentation such as this:
You won't find many public HTTP servers (if any) on the internet that you'll be able to test against. NTLM authentication is generally deployed for corporate use such as authenticating against Active Directory and are most often locked behind company VPN's.
I'd bite the bullet and fire up an instance of Windows (Microsoft let you download plenty of 120 day trials of Windows 2008 etc) in a Virtual Machine and test against that.
Kev
2010-10-05 23:19:52