|
|
本帖最后由 demo 于 2012-6-5 04:28 编辑
If one connects to an IIS 6 website configured with "Windows Authentication", the code bellow can be applied go get through. remember using the format for Windows domain user account!
Only if correct authentication credentials are given and the cURL option CURLOPT_HTTPAUTH is set to CURLAUTH_NTLM (CURLAUTH_ANY or CURLAUTH_ANYSAFE will not work!) the script terminates successfully and returns the content of the then authenticated request. The behaviour is not limited to requests to localhost (as in the sample code) and a request to an IIS 7 website with "Windows Authentication" will show the expected result (status 401 - no access violation). Test script:---------------
- <?php
- $curl = curl_init("http://localhost");
- //or: $curl = curl_init();
- // $curl = curl_setopt($curl, CURLOPT_URL, "http://localhost");
- curl_setopt($curl, CURLOPT_VERBOSE, true);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
- // In some bug version, if the authentication information are not given
- // in exactly this way the process will crash with
- // an access violation.
- //curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
- //curl_setopt($curl, CURLOPT_USERPWD, '<domain>/<user>:<password>');
- $data = curl_exec($curl);
- if(curl_errno($curl)) {
- echo 'cURL error: ' . curl_error($curl)."\n";
- }
- curl_close($curl);
- php>
Expected result:----------------
* About to connect() to localhost port 80 (#0)
* Trying 127.0.0.1... * connected
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
Host: localhost
Accept: */*
< HTTP/1.1 401 Unauthorized
< Content-Length: 1656
< Content-Type: text/html
< Server: Microsoft-IIS/6.0
< WWW-Authenticate: Negotiate
< WWW-Authenticate: NTLM
< Date: Tue, 20 Dec 2011 15:17:01 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0
Some special circumstances, refer to the follow link:
Bug #60576 PHP cURL crash connecting to IIS6 website with NTLM authentication
|
|
窥视卡
雷达卡
发表于 2012-6-4 12:22:21
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
千斤顶
显身卡