Sample code for 30+ languages & platforms
DataFlex

NTLM Client and Server Code

See more NTLM Examples

Demonstrates the NTLM authentication algorithm for both client and server.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoNtlmClient
    Handle hoNtlmServer
    String sType1Msg
    String sType1Info
    String sType2Msg
    String sType2Info
    String sType3Msg
    String sClientUsername
    String sExpectedType3Msg
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatNtlm)) To hoNtlmClient
    If (Not(IsComObjectCreated(hoNtlmClient))) Begin
        Send CreateComObject of hoNtlmClient
    End
    Get Create (RefClass(cComChilkatNtlm)) To hoNtlmServer
    If (Not(IsComObjectCreated(hoNtlmServer))) Begin
        Send CreateComObject of hoNtlmServer
    End

    // The NTLM protocol begins by the client sending the server
    // a Type1 message. 

    Set ComWorkstation Of hoNtlmClient To "MyWorkstation"
    Get ComGenType1 Of hoNtlmClient To sType1Msg

    Showln "Type1 message from client to server:"
    Showln sType1Msg

    // If the server wishes to examine the information embedded within the
    // Type1 message, it may call ParseType1. 
    // This step is not necessary, it is only for informational purposes..
    Get ComParseType1 Of hoNtlmServer sType1Msg To sType1Info

    Showln "---"
    Showln sType1Info

    // The server now generates a Type2 message to be sent to the client.
    // The Type2 message requires a TargetName.  A TargetName is
    // the authentication realm in which the authenticating account
    // has membership (a domain name for domain accounts, or server name
    // for local machine accounts).
    Set ComTargetName Of hoNtlmServer To "myAuthRealm"

    Get ComGenType2 Of hoNtlmServer sType1Msg To sType2Msg
    Get ComLastMethodSuccess Of hoNtlmServer To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoNtlmServer To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "Type2 message from server to client:"
    Showln sType2Msg

    // The client may examine the information embedded in the Type2 message 
    // by calling ParseType2, which returns XML.  This is only for informational purposes
    // and is not required.
    Get ComParseType2 Of hoNtlmClient sType2Msg To sType2Info

    Showln "---"
    Showln sType2Info

    // The client will now generate the final Type3 message to be sent to the server.
    // This requires the Username and Password:
    Set ComUserName Of hoNtlmClient To "test123"
    Set ComPassword Of hoNtlmClient To "myPassword"

    Get ComGenType3 Of hoNtlmClient sType2Msg To sType3Msg
    Get ComLastMethodSuccess Of hoNtlmClient To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoNtlmClient To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "Type3 message from client to server:"
    Showln sType3Msg

    // The server may verify the response by first "loading" the Type3 message.
    // This sets the various properties such as Username, Domain, Workstation,
    // and ClientChallenge to the values embedded within theType3 message.
    // The server may then use the Username to lookup the password.  
    // Looking up the password is dependent on your infrastructure.  Perhaps your
    // usernames/passwords are stored in a secure database.  If that's the case, you would
    // write code to issue a query to get the password string for the given username.
    // Once the password is obtained, set the Password property and then 
    // generate the Type3 response again.  If the server's Type3 response matches
    // the client's Type3 response, then the client's password is correct.

    Get ComLoadType3 Of hoNtlmServer sType3Msg To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoNtlmServer To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // The Username property now contains the username that was embedded within
    // the Type3 message.  It can be used to lookup the password.
    Get ComUserName Of hoNtlmServer To sClientUsername

    // For this example, we'll simply set the password to a literal string:
    Set ComPassword Of hoNtlmServer To "myPassword"

    // The server may generate the Type3 message again, using the client's correct
    // password:
    Get ComGenType3 Of hoNtlmServer sType2Msg To sExpectedType3Msg

    Showln "Expected Type3 Message:"
    Showln sExpectedType3Msg

    // If the Type3 message received from the client is exactly the same as the
    // expected Type3 message, then the client must've used the same password,
    // and authentication is successful


End_Procedure