DataFlex
DataFlex
NTLM Client and Server Code
See more NTLM Examples
Demonstrates the NTLM authentication algorithm for both client and server.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoNtlmClient
Handle hoNtlmServer
String sType1Msg
String sType1Info
String sType2Msg
String sType2Info
String sType3Msg
String sClientUsername
String sExpectedType3Msg
String sTemp1
Boolean bTemp1
Move False To iSuccess
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatNtlm)) To hoNtlmClient
If (Not(IsComObjectCreated(hoNtlmClient))) Begin
Send CreateComObject of hoNtlmClient
End
Get Create (RefClass(cComChilkatNtlm)) To hoNtlmServer
If (Not(IsComObjectCreated(hoNtlmServer))) Begin
Send CreateComObject of hoNtlmServer
End
// The NTLM protocol begins by the client sending the server
// a Type1 message.
Set ComWorkstation Of hoNtlmClient To "MyWorkstation"
Get ComGenType1 Of hoNtlmClient To sType1Msg
Showln "Type1 message from client to server:"
Showln sType1Msg
// If the server wishes to examine the information embedded within the
// Type1 message, it may call ParseType1.
// This step is not necessary, it is only for informational purposes..
Get ComParseType1 Of hoNtlmServer sType1Msg To sType1Info
Showln "---"
Showln sType1Info
// The server now generates a Type2 message to be sent to the client.
// The Type2 message requires a TargetName. A TargetName is
// the authentication realm in which the authenticating account
// has membership (a domain name for domain accounts, or server name
// for local machine accounts).
Set ComTargetName Of hoNtlmServer To "myAuthRealm"
Get ComGenType2 Of hoNtlmServer sType1Msg To sType2Msg
Get ComLastMethodSuccess Of hoNtlmServer To bTemp1
If (bTemp1 <> True) Begin
Get ComLastErrorText Of hoNtlmServer To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "Type2 message from server to client:"
Showln sType2Msg
// The client may examine the information embedded in the Type2 message
// by calling ParseType2, which returns XML. This is only for informational purposes
// and is not required.
Get ComParseType2 Of hoNtlmClient sType2Msg To sType2Info
Showln "---"
Showln sType2Info
// The client will now generate the final Type3 message to be sent to the server.
// This requires the Username and Password:
Set ComUserName Of hoNtlmClient To "test123"
Set ComPassword Of hoNtlmClient To "myPassword"
Get ComGenType3 Of hoNtlmClient sType2Msg To sType3Msg
Get ComLastMethodSuccess Of hoNtlmClient To bTemp1
If (bTemp1 <> True) Begin
Get ComLastErrorText Of hoNtlmClient To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "Type3 message from client to server:"
Showln sType3Msg
// The server may verify the response by first "loading" the Type3 message.
// This sets the various properties such as Username, Domain, Workstation,
// and ClientChallenge to the values embedded within theType3 message.
// The server may then use the Username to lookup the password.
// Looking up the password is dependent on your infrastructure. Perhaps your
// usernames/passwords are stored in a secure database. If that's the case, you would
// write code to issue a query to get the password string for the given username.
// Once the password is obtained, set the Password property and then
// generate the Type3 response again. If the server's Type3 response matches
// the client's Type3 response, then the client's password is correct.
Get ComLoadType3 Of hoNtlmServer sType3Msg To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoNtlmServer To sTemp1
Showln sTemp1
Procedure_Return
End
// The Username property now contains the username that was embedded within
// the Type3 message. It can be used to lookup the password.
Get ComUserName Of hoNtlmServer To sClientUsername
// For this example, we'll simply set the password to a literal string:
Set ComPassword Of hoNtlmServer To "myPassword"
// The server may generate the Type3 message again, using the client's correct
// password:
Get ComGenType3 Of hoNtlmServer sType2Msg To sExpectedType3Msg
Showln "Expected Type3 Message:"
Showln sExpectedType3Msg
// If the Type3 message received from the client is exactly the same as the
// expected Type3 message, then the client must've used the same password,
// and authentication is successful
End_Procedure