NTLM Class
Properties Methods Events Configuration Settings Errors
The NTLM class provides a simple API to create the required tokens for NTLM authentication.
Syntax
class ipworksauth.NTLM
Remarks
This class provides a simple API to create the required tokens for NTLM authentication.
The NTLM authentication process is a challenge-response scheme which consists of three messages. These three messages are the negotiation, challenge, and authentication. This class implements only the client side of NTLM and will create the negotiation and authentication tokens. The class does not transmit any data, it simply prepares the tokens for use in other transport protocols such as HTTP. The following steps describe how the component is used.
Create the Negotiate Token
To begin first set user and password. The user value may contain domain information in the format "DOMAIN\User" or "user@domain".
Next call create_negotiate_token to populate negotiate_token. This token may then be transmitted separately. For instance in HTTP
this would be sent in a request within the Authorization header:
HTTPHeader = "Authorization: NTLM " + negotiate_token
Create the Auth Token
After sending the negotiate token over the chosen transport protocol,
the server will respond with a challenge token. Set challenge_token to the
token received from the server. For instance, in HTTP the server will respond with the challenge token in the WWW-Authenticate header:
WWW-Authenticate: NTLM <ChallengeToken>After setting user, password, and challenge_token call create_auth_token. This will populate auth_token with the created token. This token may then be transmitted separately. For instance in HTTP this would be sent in the request within the Authorization header:
HTTPHeader = "Authorization: NTLM " + auth_token
Note: If the server requires EPA (Extended Protection for Authentication), then ssl_server_cert must be set to the server's public certificate before calling create_auth_token.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| auth_token | The authentication token. |
| challenge_token | The challenge token. |
| negotiate_token | The negotiate token. |
| ntlm_version | The NTLM version. |
| password | The user's password. |
| ssl_server_cert_encoded | The certificate (PEM/base64 encoded). |
| ssl_server_cert_store | The name of the certificate store for the client certificate. |
| ssl_server_cert_store_password | If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store. |
| ssl_server_cert_store_type | The type of certificate store for this certificate. |
| ssl_server_cert_subject | The subject of the certificate used for client authentication. |
| user | The user. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| config | Sets or retrieves a configuration setting. |
| create_auth_token | Creates the authentication token. |
| create_negotiate_token | Creates the negotiate token. |
| reset | Resets the class. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| on_error | Information about errors during data delivery. |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
| DecodeToken | Whether to Base64 encode the token. |
| EncodeToken | Whether to Base64 encode the token. |
| UsePlatformNTLMAPI | Whether to use the platform NTLM API. |
| Workstation | The workstation name. |
| BuildInfo | Information about the product's build. |
| CodePage | The system code page used for Unicode to Multibyte translations. |
| LicenseInfo | Information about the current license. |
| ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
| SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
| UseInternalSecurityAPI | Tells the class whether or not to use the system security libraries or an internal implementation. |