Comments (11)
What version of Windows are you running? Also, are you logging in with an NTLM password (domain login) or logging in with a local user account?
from px.
Windows 10 64 bit
from px.
Are you logging in with an NTLM password (into a domain account since machine is part of the domain) or logging in with a local user account? If it is the latter, there's no SSPI possible from what I understand.
from px.
It is on a corporate domain.
from px.
Can you please confirm the following:-
- Does the binary distribution of Px work on your system? Either 32-bit or 64-bit?
- Does the 32-bit distro of 2.7 Python work on your system?
- How about 3.5 if you get a chance to try that out?
Not really sure why the system isn't working as expected.
from px.
Thanks for getting back to me. At the moment I have found a workaround that does not require the use of PX. I did however try 32 bit version which fails as well. It seems to fail the security portion of the proxy. I still kept getting a 407 unauthorized.
I will see if I can get a chance to use 3.5 to test it out.
from px.
I got the similar issue here.
Traceback (most recent call last):
File "D:\tool\python\px-master\px.py", line 100, in create_challenge_response
error_msg, output_buffer = self.sspi_client.authorize(input_buffer)
File "C:\Python35\lib\site-packages\win32\lib\sspi.py", line 139, in authorize
sec_buffer_out)
pywintypes.error: (-2146893048, 'InitializeSecurityContext', 'The token supplied to the function is invalid')
- In a corporation domain
- OS windows7 32bit
- 32bit-distro of 2.7, 3.5
from px.
Thanks for the report - this one is slightly different.
Can you please rerun Px with logging enabled in the INI and in a single process (workers=1)? The logs generated might provide some context which will be helpful to figure out what's going on.
from px.
Oops. I got the answer after google the keyword "sspi SEC_E_INVALID_TOKEN" and following the thread on libcurl: https://curl.haxx.se/mail/lib-2014-09/0044.html
It seems related to "scflags, # security context flags" of sspi.ClientAuth.
I set scflags to 0 and px works well.
from px.
Great catch! I presume you are changing the following in Px (class NtlmMessageGenerator):-
self.sspi_client = sspi.ClientAuth("NTLM", user)
to:-
self.sspi_client = sspi.ClientAuth("NTLM", user, scflags=0)
I tried it out and it still works for me, although it works for me even without this. I checked Curl's implementation and they have picked the same in their call to InitializeSecurityContext():-
https://github.com/fl4re/curl/blob/master/lib/curl_sasl_sspi.c
I'll check this in shortly.
from px.
This was checked in a while back but has just been delivered as part of the v0.2.1 binary release. Thank you for providing the fix!
from px.
Related Issues (20)
- keyring_jeepney broken HOT 2
- Support for keyrings.cryptfile HOT 4
- Logging Directory <> Working Directory HOT 4
- Win11 - The publisher could not be verified HOT 1
- Does this tool support Kerberos authentication to a corporate Web proxy ? HOT 1
- Timeout and connection reset HOT 2
- Allow for multiple listen interfaces HOT 3
- using domain names in the allow list HOT 1
- libcrypto-1_1.dll version 1.1.1q with vulnerabilites HOT 4
- px 0.8.4: PAC configuration seems to cause unstable behaviour HOT 4
- HTTP POST and PUT not working since data rewind is not supported HOT 1
- Unclear listen setting HOT 8
- px 0.9.0 - Windows: does not start as a background service anymore (openes a required console window) HOT 3
- px 0.9.0 - Windows: logging configuration inside px.ini file is ignored and no logging is produced HOT 3
- Thread safety of quickjs HOT 4
- px 0.9.0 responds with "URL malformed" on macOS HOT 5
- Version 0.9.0 with Linux doesn't Authenticate using Kerberos HOT 9
- proxy.pac: isInNet() & isResolvable() not working properly HOT 8
- How to download latest release via script HOT 2
- Embedded libcurl library does not support SPPI/SPNEGO/KERBEROS on v0.9.1 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from px.