Proxy with Negociate header

Hello Sir,

Is it possible to use this class to authentificate some kind of proxy server ? My browser use the Header "Negociate" for bypassing the proxy. I've tried to use the NTLM authentification but the login fails. Here is a sample of the code :

<?php

//...
$arguments["ProxyHostName"]="myproxyserver";
$arguments["ProxyHostPort"]="8080";
$arguments["ProxyUser"]="DOMAIN\\lebdenat";
$arguments["ProxyPassword"]="mypassword";
$arguments["ProxyRealm"]="myproxyserver"; // Proxy authentication realm or domain
$arguments["ProxyWorkstation"]="1"; // Workstation for NTLM proxy authentication

//...

?>

Are you including the SASL library classes?

yes, I've included the sasl classes.

If it does not work, I think it is because the server only accepts Negotiate authentication without chance of falling back to some other mechanism supported by the SASL libraries.

This means that you need a new one specifically meant to support Negotiate mechanism, which basically means GSS-API Kerberos authentication on the PHP side.

PHP has a Kerberos extension but I am not sure if this can be used for client side authentication. I can try asking the author.

Anyway, if it is possible to use that extension, I could write a new mechanism class to support negotiate but I do not have a server to test it. In that case, would you be able to provide access to a server to test the eventual new Negotiate class?

Sorry, I can't because I'm working on a local network. The proxy server used by our company is Isa Server 2004.

In that case it would be very hard for me to try to do it because I would not be able to test the development.

What I can do is to guide you on how to write a new SASL class to support the Negotiate protocol. Just let me know if you would like that.

Ok. Thanks for your help. I'll try an other way to bypass the proxy with your library (NTLM, https etc).