cntlm | Authenticating HTTP proxy with TCP/IP | Proxy library
kandi X-RAY | cntlm Summary
kandi X-RAY | cntlm Summary
Authenticating HTTP(S) proxy with TCP/IP tunneling and acceleration—mirror of http://svn.awk.cz/cntlm
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of cntlm
cntlm Key Features
cntlm Examples and Code Snippets
Community Discussions
Trending Discussions on cntlm
QUESTION
Hi,
We are facing this dreadful issue "authentication not supported" when using egit from eclipse. I have read many articles, questions but none of them seem to solve the issue at hand.
We are using Microsoft Team Foundation Server 2015 which can provide a git repository as version control system. But authentication mechanism does not seem to work using eclipse's egit plugin. We checked using different eclipse versions from eclipse 2020-06, 2020-12, 2021-03 with different jdk setup 1.8, 11 and 15 but no success.
The cloning, push/fetch works fine with git commandline (git bash - windows) even legacy eclipse kepler is working fine without issue, but not the latest ones. The issue seems to be related to NTLM authentication. In newer versions of eclipse, egit doesn't negotiate or send NTLM token even after the server respond with WWW-Authenticate: NTLM.
Below are details for both newer and older eclipse versions, tunneled through TCP/IP Monitor for traffic capture. TFS git repository clone protocol is http even though the portal is on https.
Eclipse 2021-03
Request:
...ANSWER
Answered 2021-May-12 at 07:31Eclipse EGit TFS Git Connection - Authentication not supported
I agree with you. AFAIK, Eclipse’s EGit is built on JGit, and unfortunately, recent versions of JGit actively reject NTLM authentication, resulting in “Authentication not supported” when connecting to on-premises installations of TFS that require NTLM.
You could get more explanation and the solution from the FAQ:
Use Cntlm, a locally-installed proxy that adds NTLM authentication on-the-fly
Use an older version of Eclipse/EGit/JGit
Enable basic authentication with SSL in IIS on your TFS server
Enable Kerberos authentication in IIS on your TFS server (the default for the next version of TFS after TFS 2015):
In IIS manager, click on the TFS site on the left under Connections and open up the "Authentication" section under IIS. Set “ASP.NET Impersonation” to Enabled and “Windows Authentication” to Enabled.
Under "Windows Authentication" right click and select "Providers." Add/enable the "Negotiate" and "NTLM" providers.
Under "Windows Authentication" right click and select "Advanced Settings." Uncheck "Enable Kernel-mode" because it is incompatible with Kerberos.
Besides, With TFS 2017 RTW and up you could create a Personal Access Token with scope at least Code (read and write), then you could use it instead of your password in the Eclipse EGit configuration.
QUESTION
Initially I was having issues trying to figure out why php curl under browser behaves differently when I tried to execute the same script by CLI.
By turning on the CURLOPT_VERBOSE with log output and compare the result of the CLI and browser, here are the differences I've seen:
CURL Under CLI
...ANSWER
Answered 2020-Dec-16 at 03:45After digging around, it turns out all I had to do was to by pass the someurl.com in the /etc/cntlm.conf by including the url in the NoProxy config.
QUESTION
I am working with microsoft bot emulator and everytime I make a request to an external link my office proxy blocks it and application returns 407 error. To work around this I tried following hacks.
Hack #1:
Used fiddler 4 with auto authenticate rule enabled. But I found it doesn't work for ntlm proxy. I also found that the request which are completing with 200 status code has a proxy-authorization header with some encoded content. but I don't know how to set this header for all the requests.
Hack #2: Installed and ran a cntlm proxy, still same error.
I am using Micosoft bot framework 4 with dotnet core and bot emulator 4.10, Os: windows 7
Please help let me know if I can somehow make it work around ntlm proxy.
...ANSWER
Answered 2020-Sep-08 at 08:13Looks like the office network is very restricted when it comes to network access.
May be you should better talk to your IT department if you can't get a PC that is located in a different subnet that is less restrictive. Or if you are lucky the change the configuration for your PC so that you can access the required servers without proxy.
QUESTION
I'm trying to use visual studio code to write some python as I can't handle the memory requirements of pycharm. I'm also working around a corporate proxy, so I've installed cntlm locally to get around this so all requests need to go to 127.0.0.1
I started visual studio code using;
...ANSWER
Answered 2020-May-12 at 08:36Don't try to solve that in VS Code, but on OS level. You can create a global config file for PIP, where you set the proxy for it to use. By that it doesn't matter if you use VS Code or a terminal to run PIP. In a terminal, run:
QUESTION
Is there a way to use CNTLM proxy with autoconfiguration .pac file? I'd like CNTLM to automatically decide, which urls should be resolved through proxy and which directly (basing on a remote corporate .pac file).
...ANSWER
Answered 2020-May-14 at 00:14CNTLM can't process PAC files. You could try to configure CNTLM so that it contains the same set of proxies as your PAC file, but some PAC files are too complex to represent with CNTLM's config settings, and you also risk your CNTLM config file getting out-of-sync with updates that your network admins make to your PAC file.
An alternative is to use Alpaca, which executes the PAC file in a JavaScript VM, and performs NTLM authentication with the resulting proxy.
QUESTION
My agents are running behind a local CNTLM proxy running on port 3128. When this task is executed I always get the following error message:
[error]Error: tunneling socket could not be established, cause=connect ECONNREFUSED 127.0.0.1:3128Does this task not support a proxy setup for the agent?
The version of the task is: 1.156.1
...ANSWER
Answered 2019-Dec-12 at 10:27Here is the summary of changes to solve it:
Background: One linux VM running 4 agents (as service). CNTLM proxy is running on the VM on port 3128. IP of the VM is 172.17.0.1.
pipelines.yml resources: containers: - container: maven3 image: maven:3-jdk-8 # tmp volume mount can be removed as soon as https://developercommunity.visualstudio.com/content/problem/367290/maven-task-fails-because-maveninfo-cannot-be-publi.html is fixed options: -v /local/home/rbadmin_app2/.m2/repository:/home/rbadmin_VSTSContainer/.m2/repository -v /tmp:/tmp -e HTTP_PROXY="http://172.17.0.1:3128" -e HTTPS_PROXY="http://172.17.0.1:3128"
Configuration on Server that is running our 4 agents: CNTLM: listen on "docker IP":3128 Docker IP can found by command: ip address It will be the inet of docker0:
On (host running agents): 172.17.0.1:3128 /etc/sysctl.conf: Add below setting: net.ipv4.conf.all.forwarding = 1 Configuration on VSTS: Set the docker-ip based proxy in file .proxy of the VSTS root directory Steps (example on host running agents as service): if not exist create file /.proxy Content: 172.17.0.1:3128
QUESTION
I have this weird problem that can be reproduced with the simple tutorial from Docker.
If I follow the tutorial exactly, everything would work fine, i.e. after docker-compose up command, the web container would run and connect nicely to the db container.
However, if I choose to create the same Django project on the host, change its settings for the postgres db, and copy it over to the web image in its Dockerfile, instead of mounting the host directory to the container and doing those things there as shown in the tutorial (using the command docker-compose run web django-admin.py startproject composeexample . and then change the settings file generated and located in the mounted directory on the host), the first time I run docker-compose up, the web container would have problems connecting to the db, with the error as below
web_1 | psycopg2.OperationalError: could not connect to server: Connection refused web_1 | Is the server running on host "db" (172.18.0.2) and accepting web_1 | TCP/IP connections on port 5432?
However, if I stop the compose with docker-compose down and then run it again with docker-compose up, the web container would connect to the db successfully with no problems.
'Connection refused' seems to be not an uncommon problem here but I have checked and verified that all the settings are correct and the usual causes like wrong port number, port not exposed or setting host as 'local' instead of 'db', etc. are not the problems in this case.
Note: FWIW, I use CNTLM as the system proxy in the host and have to set the environment variables for the web image, and it works fine for other scenarios.
EDIT: Please find additional info as below.
In the host directory I have the following files and directories
- composeexample (generated by another container following the same tutorial and copied over to here)
- manage.py (generated by another container and copied over to here)
- requirements.txt (exactly as the one in the tutorial)
- Dockerfile (slightly modified from the one in the tutorial)
- docker-compose.yml (slightly modified from the one in the tutorial)
composeexample/settings.py:
...ANSWER
Answered 2019-Nov-13 at 10:26Use wait-for-it.sh to wait for Postgres to be ready:
Download this well known script: https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
QUESTION
I am trying to start Cntlm Authentication Proxy service on Windows 10 but I'm getting the 1067 error:
The Cntlm Authentication proxy service on local computer started and then stopped. Some Services stop automatically if they are not in use by another services or programs.
Does someone know why this happens?
...ANSWER
Answered 2018-Jul-12 at 08:10The port could be in use by another program or service. Try to run cntlm -v in a Windows command prompt with admin privileges. This should tell you about any collisions.
CNTLM is definitely working fine on Windows 10.
QUESTION
I had installed and configured CNTLM on my Windows 7 machine.
CNTLM is running and I can see it in Process. I have problems with a development tool that points to http://localhost:3128, I have doubts that CNTML doesn't work correctly.
Question:
How can I get a url form command line passing by CNTLM proxy?
Version:
...ANSWER
Answered 2019-Jul-15 at 11:22You can open CMD (Windows Prompt), navigate to the Cntlm folder and type:
QUESTION
Context: OS: Windows 10 Pro; Docker ver: 18.09.0 (build 4d60db4); Behind corporate proxy, using CNTLM to solve this issue. (currently pulling / running image works fine)
Problem: I was trying to build the following Dockerfile:
...ANSWER
Answered 2019-May-07 at 05:39I finally managed to solve this problem, and the culprit was my setting in the CNTLM. For a background story, please check this post.
The root cause of this problem is that the docker container could not access the internet from inside the VM due to wrong IP setting inside the CNTLM.ini.
Normally CNTLM listens to 127.0.0.1:3128 by default to forward the proxy. I followed the default, and thus set the proxy setting on Docker (for the daemon - through the GUI, and for the container - through config.json) is also set into that address and port. It turns out that this "localhost" does not apply to the VM where docker sits, since the VM has its own localhost. Long story short, the solution is to change that address into dockerNAT IP address (10.0.75.1:3128) in all of the following locations:
CNTLM.ini(on theListenline. Actually if we use CNTLM for other purposes as well, it is possible to supply more than oneListenline)- Docker daemon's proxy (through the Docker setting GUI)
Docker container
config.json(usually inC:\Users\\.docker), by adding the following lines:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install cntlm
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
